C. Technology in support of green and social values

14. Organise resilience: avoid excessive dependence on digital systems, retain non-digital options, and invest in cybersecurity.

 
The stronger our dependence on digital systems, the greater the disruption if these systems fail or are hacked. In order to protect resilience, we should think twice before completely digitising the systems that keep our societies running, such as the payment system.

If we maintain cash currency for smaller transactions – also at public administration service points – we can save ourselves for a while if the payment system is down due to a cyberattack, a power outage, or a banking crisis.[1] Maintaining cash not only protects societal resilience, but also the self-reliance of individuals: children, elderly people, and persons with disabilities, for instance. Some of them do not have a payment card, find it difficult to use such a card, or lose the overview of their finances when they make digital payments. A cashless society would also make life (even) harder for undocumented migrants who do not have access to a bank account, a payment card, or a payment app.
“Cash payments facilitate the inclusion of the entire population in the economy,” according to the European Central Bank. It has warned municipalities that they are in breach of European rules if they adopt a no-cash policy.
[2]

Resilience includes both the ability to withstand disruptions and the ability to adapt to changing circumstances, such as climate change. Resilience benefits from diversity: analogue components that enable key facilities to function when digital control fails, renewable energy sources and energy carriers that can (partly) fill in for each other. If we power vehicles not only with green electricity but also with green hydrogen, we can prevent an overall transport shutdown in the event of a lengthy power outage. Resilience also benefits from modularity: it is desirable for subsystems to have a certain degree of autonomy, so that they can continue to function if there is a disruption elsewhere in the system. A local smart grid that can continue to supply power from local energy sources and batteries if the main grid has gone down is resilient.[3]

Strengthening resilience necessitates investments in cybersecurity. A smart city sets high security requirements for suppliers of digital applications, from 'security by design' to fast and adequate security updates. It avoids becoming dependent on a single sup­plier and shuns the use of hardware and software from countries such as China and Russia for critical infrastructure[4], in view of the risks of digital espionage and sabota­ge. It exclusively uses domestic or Euro­pean cloud services. It not only trains its employees to be alert to digital threats such as phishing emails, but also solicits them to signal security risks. It invites security researchers, including ethical hackers, to dis­cover and report vulnerabilities in its ICT systems. It simulates crises in which multi­ple digital systems fail or are held ransom, and shares the results with others.

Cybersecurity also includes data minimisation: you can't leak personal data if you do not have it. For example, it is not always necessary to register national identification num­bers for communications between municipalities and citizens.

Return to principles

Further viewing

Video: European Union Agency for Cybersecurity, cyber crisis simulation

Footnotes

[1] David Crouch, 'Being cash-free puts us at risk of attack: Swedes turn against cashlessness', The Guardian, 3 April 2018
[2] European Central Bank, letter to De Nederlandsche Bank on no-cash policy of Dutch municipalities, 20 September 2018
[3] See Dirk Holemans, ‘Freedom and Security in the Twenty-first Century’, in: Erica Meijers (ed.), Populism in Europe, 2011, pp. 171-186
[4] Including the essential services listed in Annex II of EU-directive 2016/1148 on the security of network and information systems

Return to principles

Reactie toevoegen