Link to downloadable PDF: Working paper on the Institutional Landscape of Global Digitalisation Governance

By Lars Gjesvik (NUPI), Eneken Tikk (TalTech)

The institutional landscape of digitalization and cybersecurity has expanded and diversified significantly over the past decade. Hundreds of venues and processes are currently invested in digital and cyber policy making – some concerned with digitalization and cybersecurity in their respective areas of activity, others promoting more generalized policy approaches and yet others supporting digital growth and cyber resilience around the world. Such institutional churn is not particular to digital and cyber fields; however, it has direct implications on digital and cyber policy design and implementation. We make the following recommendations based on the findings of the first phase of our research:

1. The rapid expansion of the institutional and procedural landscape necessitates a regular review and triage of venues and processes. This would serve several purposes: detecting and designing strategic avenues for pursuing own (or allied) interests and objectives; tracking strategic use of processes and venues by other actors of interest; observing momentum, paradigm and discourse changes and signals of decay or growth of particular venues and processes. A step towards such review could be a more thorough analysis of the existing venues and processes with reference to their leading agendas and actors.
2. Given the diversity of available venues and processes, it becomes both necessary and possible to analyze optimal (and sub-optimal) venue configurations, for instance with the view of maximizing stakeholder involvement, increasing the intensity or frequency of discussions or fixing (or alternating between different) levels and focal points. It is essential to consider that different venues and processes can be instrumentalized for a particular strategic or normative goal, whereas distinct venues can become entangled through the pursuit of several incompatible goals and agendas.
3. Cyber and digital policy toolkits could address metrics for evaluating venue efficiency. This includes awareness of perceptions linked to the venues utilized or led by respective actors. For instance, the analysis indicates that several EU agencies (ENISA) and frameworks (GDPR, DMA) have significant international standing. These could be instrumentalized to achieve the EU’s goals through (re-)designing them into deliberate platforms or channeling relevant strengths into other international discussions and policies.

Designing meaningful and efficient digital and cyber policy pathways requires drawing more concrete connections between a given actor’s priorities and available platforms. This will be the focus of the second phase of our research.