Remember the new economy? With the economic slowdown, the dot.com crash and the events of 11 September many people have decided to try to forget. Yet, while the exuberance may be over and a new realism is the order of the day, the OECD is looking to a resurgent new economy to drive the next phase of growth. But, given the experience of the past two years, can we be confident that the new economy will not be a more unstable and dangerous place than the old?
In early 2000, following a period of strong economic expansion among OECD countries during the 1990s, commentators picked out new technologies as the drivers of the “new economy”. The OECD Growth Study, significantly entitled The New Economy: Beyond the Hype, found that although technology was not the only reason for fast growth, it had a profound and pervasive effect through raising productivity. A year or more later, with the effects of the slowdown sharpened by the events of 11 September, the same commentators tended to place much of the blame on over-exuberant behaviour with respect to these same technologies. Security concerns regarding technology, as well as a heightened consciousness about our dependence on it, were never far away. Now, with economic indicators again pointing towards recovery, economy-watchers are once more looking to innovation and technology – mainly information and communications technologies and biotechnology – to drive the next phase of expansion. The hope is that, somehow, the next phase will be more secure, more stable, more durable, more widely shared and more soundly based than in the 1990s. Will it?
There is some promising evidence. For example, even during the downturn in output growth, productivity, exceptionally, has held up well, and inflation and unemployment have been kept in check. Some of the shakeout has been healthy. Investors and product markets in the technology domain are shaking off their hangovers and are again looking for opportunities. Research and innovation have continued strongly and rollout of infrastructure, with its attendant network effects, has largely kept up its momentum.
In fact, more than ever before, we are counting on innovation and new technologies to drive the growth of the economy, jobs and living standards. The impact and penetration of biotechnology, IT and its applications, such as broadband and electronic commerce, will certainly be felt throughout the economy and society. The OECD, perhaps best known for its economic policy analysis, is also addressing the security issues that run in parallel with the rapid technological advances already under way.
Making the information society safer
We depend increasingly on computers and networks in the economy and society, at home and in the workplace. As these systems become ever more powerful, complex and interconnected, it is in our interests to make sure they are robust, reliable and available when we want them. Whether we are talking about infrastructure or services, about accidental failure or deliberate attack, or about the physical or virtual level, we need to have confidence that someone, somewhere, is minding the shop.
The whole environment surrounding the use of information and communications technology has changed substantially in the last few years. Ever more powerful personal computers, interconnecting networks, converging technologies and, in many countries, a very widespread use of the Internet have replaced what were modest, stand-alone systems and predominantly closed networks.
The issue is not restricted just to the communications networks. Other critical infrastructures such as power generation and distribution, financial markets and transport all rely heavily on the use of information systems and networks and tend to be interconnected globally. The technologies that constitute the communications and information infrastructure, with the advent of broadband services, high-speed backbone networks, Internet, wireless, and satellite systems, have changed significantly. The number and nature of access devices have multiplied.
A growing proportion of user access is through “always-on” high-speed communication. In addition, the Internet plays a major part in shaping how companies do business, how governments provide services to citizens and enterprises and how individual citizens communicate and exchange information. Protecting these systems against accidental failure, deliberate hacking or cyber-terrorism raises new issues for policymakers.
Technological development has greatly enhanced the security of the information system as a whole. Cryptographic technology can protect the confidentiality and the integrity of data, making electronic financial transactions safer and more reliable and making it possible to apply information technologies to commercial activities. However, technology also supplies potential attackers with the capacity for far faster penetration with wider and deeper impacts, all while leaving fewer traces.
The international network enables hackers to gain access to the tools that can be used for attacking known vulnerabilities of systems, while making it more difficult for investigators to track or trace them.
Given our wider and deeper reliance on information systems, the impact of such attacks is more significant than ever. For example, recent statistics from CERT (the Computer Emergency Response Team at Carnegie-Mellon University in the US) show the number of reported incidents affecting security is more than doubling every year. There were 3,734 systems and network security incidents reported in 1998, increasing to 9,859 in 1999, 21,759 in 2000 and 52,658 in 2001. Among the international responses to this trend is the Council of Europe Convention on Cybercrime which opened for signature in November last year.
While there are limits to what we can expect from end users, there is no question that everyone has a role to play in enhancing the security of the networked society. Everyone should be aware of relevant security risks and what preventive measures are available, should assume responsibility and take steps to improve the security of those systems and networks. Both proactive and reactive measures can make systems more secure through the rigorous and improved management of risks and security incidents. The OECD believes that participants in our information society should adopt and promote a “culture of security” as a way of thinking about, assessing and acting on the operation of information systems and networks. This should be ingrained in day-to-day behaviour.
Over the past decade the 1992 OECD Guidelines for the Security of Information Systems have established the principles upon which information security should be based. The OECD countries, spurred by the events of 11 September, are revising the Security Guidelines to take account of the new network environment. The revision aims to foster a “culture of security” by raising greater security awareness and advocating shared responsibility for security at all levels among participants that use information systems, particularly through networks.
Biotechnology: security dilemmas
For some, the knowledge-based economy is simply a forerunner of the bio-based economy – a future that is both more productive and also more sustainable. Advances in genetic science – and in specialist areas like genomics, proteonomics and metabolomics – are unlocking the hidden potential of biotechnology that we have heard so much about in recent years but which so far has seemed – to the casual observer at least – slow to deliver. Yet a closer look would reveal major advances all around us. In healthcare our understanding of disease and of how to treat it is as great a breakthrough as Harvey’s recirculation theory for blood. We see advances in agriculture, where regardless of the hype of the 1990s, real beneficial advances are now within reach, notably in crop yields and food quality, though clearly more testing is needed to improve safety and reassure users. And we see advances in biotechnology for the environment; a recent OECD report listed 21 cases where industry was using a biotechnological step to improve costs and power pollution (see references).
At the Salt Lake City Winter Olympics in 2002 all the plastic cola cups used were manufactured from polylactic acid – a new recyclable plastic made from corn. Biotechnology made this possible. But like all technologies, biotechnology can be applied for good or for evil. Bio-terrorism entered our lives with the release of the pathogen Bacillus anthracis (anthrax) in the United States last autumn. This led to calls for tighter restrictions on access to biological resources, to laboratories and to widely available scientific literature (including on the Internet). The free exchange of scientific information and ideas – a key driver in our knowledge-driven economies – is under threat.
However, a much greater threat comes to us from the unchecked rise in the incidence of infectious diseases across the globe. One important issue is the scale of emergence of new or previously unrecognised infectious diseases. Since the early 1970s at least 30 previously unknown infectious diseases, for which there is no effective treatment, have become prominent. They have enormous social and economic implications, which can be devastating, particularly for the poorest countries of the world. HIV/AIDS is the best known and is the one that has caused the greatest worldwide misery. Ebola Fever is another emerging threat. These diseases have something in common: the organisms that cause them can spread further and faster than ever before, for example because of international travel and tourism. After 11 September we have also become more aware of the potential for intentional spread of some of the most threatening pathogens and of our increased global vulnerability. Most of the countries in the world have now recognised the threat to their economies, their security and society that comes with disaster on this scale.
The solutions to these problems are of course frighteningly complex, but among the means at our disposal biotechnology offers a powerful force for combating the rise in infectious disease and the use of bio-weapons.
If the impact on public health of biological hazards is to be limited then early detection, diagnosis and response is imperative. This is as true for deliberately introduced biological hazards (e.g. bioweapons) as for naturally emerging diseases (e.g. avian influenza and HIV/AIDS). The same advances in genetics, molecular biology and nanotechnology that have driven advances in healthcare bring us techniques and devices such as bio-chip sensors for surveillance, early-warning, diagnosis and treatment of disease outbreaks – including outbreaks of deliberately introduced diseases. And they bring us approaches to oral vaccination and improved nutrition that have the potential to deal economically with major disease problems in developing countries without the infrastructure and costs of conventional medicines.
Though the events of 11 September and the ensuing anthrax scare provided the wake-up call, let us not forget that many of the threats to health and security in much of the world arise from inadequate access to good quality water for drinking and for irrigation. The challenge now is to harness the potential of biotechnology to improve strategies for public health response.
The OECD countries are collaborating with each other in assessing the implications for health of emerging and potentially emerging diseases. Simply, the international community needs to see biotechnology for what it is – not as part of the problem, but as a real and viable part of the solution.
• The Application of Biotechnology to Industrial Sustainability, OECD, 2001
©OECD Observer No. 231/232, May 2002