Strengths, Weaknesses, Opportunities and Threats TO...Thematic Objective TEÁOR...Single classification system of sectoral activities S&t...
Threats Education, training, research background: The new generation of researchers will not be sufficient (either in number or preparedness) to maintain an internationally competitive level;
and may also contain conscious risk-taking. Participants of the Local Research Priorisation Working groups: representatives of knowledge bases:
and there were instances where conscious entrepreneurial risk assumption was applied. 4. 3. 2. National Priorities Within the national research priorities,
smart business, company, home smart city information security, security technology gamification, simulation and optimisation technology e-learning systems big data data mining software development remote monitoring
conscious risk-taking or the technologies existing at the local level (e g. materials science, nanotechnology, biotechnology,
and conscious risk-taking prevail therein (for example, can the given smart technology be found in that county,
and wellbeing Food security, sustainable agriculture and forestry, marine research, marine and inland water research for exploitation,
Romania and Croatia is directions of specialization like cloud-based services or ICT security. The mining and raw material industry offer an opportunity for international cooperation with Bosnia and herzegovina
Owing to the risk potential risk factors of the RDI activities, one of the most typical form in the context is the nonrepayable grant.
Because of the high risk, ideas at an early stage which can be financed hardly on a market basis,
which tolerate implementation risks: typically, these are nonrefundable direct financial grants. The necessary support instruments must be provided to the start-up and spin-off undertakings,
Through public-private partnerships, the procurement process based on shared risks and benefits facilitates the development of new technologies,
opportunities, value is given to creativity, knowledge and risk-taking, the domestic business opportunities are given a value,
The players of the policy decision-makers who are willing to take risks are need in of a tool
as well as averting the risks of misuses that inevitably accompany any step of human evolution. I am thankful to the authors for this startling journey into a nascent field
as well as in fields ranging from the military to espionage. But there has been much less systematic support for innovations that use digital technology to address social challenges.
not surprisingly, would prefer digital social innovation to remain the domain of geeks, hackers and activists.
'There is great potential to exploit digital network effects, in social innovation activity and new services that generate social value,
is convenient for users but also locks users in at the expense of security, privacy and openness:
A main Internet trend-threat is recognised today: an increasing concentration of power in services in the hands of a few data aggregators, none of which are based in Europe (Google controlling nearly 82%of the global search market and 98%of the mobile search market,
For example, even the European Smart Cities project risks being dominated by US companies such as IBM, Google and Ciscos, partly because of the lack of alternatives.
This vision requires more investment in fundamental research to promote net-neutrality, strong encryption, banning of trivial patents, open standards and free software together with the multi-stakeholder governance model.
A major risk for the Future Internet is the realisation of the‘Big brother'scenario, with big industrial players (mainly US-based) reinforcing their dominant position by implementing platform lock in strategies,
and by striking strategic alliances between the largest Over-The-Top (OTT) iand largest network operators, there is a risk that the innovation ecosystem will become more closed,
Even more worrying, the latest NSA data-gate showed that intelligence agencies and governments have been engaging in mass surveillance operations,
with huge implication on civil liberties and privacy. 20 Growing a Digital Social Innovation Ecosystem for Europe 1 7 5 3 2 2+Growing a Digital Social
Research project, Advocating and campaigning, Maker and hacker spaces, Investing and Funding, Event, Incubators and Accelerators, Advisory or expert body, Education And Training. 3 Technology Trends:
from grassroots movements, think-tanks and universities to big charities and public museums are hosting small-scale workshop spaces often with digital tools and 3d printing facilities (maker spaces and hacker spaces.
There are now 96 known active hacker spaces worldwide, with 29 in the United states, according to Hackerspaces. org.
There are many more Hacklabs around the world that are branded not as hacker spaces, but are community labs that incentivise the diffusion of free and p2p culture and open technology.
and since then makerspaces have expanded from the electronics-centric hacker spaces to having a stronger emphasis on groups that attract a diversity of professionals such as artists, machinists, robotics engineers, bicycle makers, jewellery makers, photographers and fashion designers.
and hackers) to design and deliver public services that meet our societies'changing needs. Your Priorities platform in Reykjavik is offering a successful model experimenting with citizens in Iceland, integrating large-scale deliberation into democratic decisionmaking.
or to mobilise collective action and respond to community emergencies. Some of the best examples of DSI in Europe are clearly positively impacting society.
and respond to community emergencies, as in the case of Crisiscommons, Crisisnet and Ushahidi. Crisisnet CRISIS MAPPING Crisisnet is developed an initiative by Ushahidi10,
like Observe Hack Make, a five day outdoor international camping festival for hackers and makers,
and the Chaos Communication Camp, an international meeting of hackers that takes place every four years,
organised by the Chaos Computer Club (CCC) 11, an informal association of hackers from across Europe.
The Chaos Computer Club (CCC), Europe's largest network of hackers, is the most prominent example of grassroots communities coming together to develop
and provide information about technical and societal issues, such as surveillance, privacy, freedom of information, hacktivism and data security.
Supporting the principles of the hacker ethic, the club also fights for free access to computers and technological infrastructure for everybody.
The Chaos Computer Club (CCC) HACKERS NETWORKS 34 Growing a Digital Social Innovation Ecosystem for Europe The World wide web Consortium (W3c), an international community that works on developing
and more generally the hacking culture of sharing skills and knowledge. 46 Growing a Digital Social Innovation Ecosystem for Europe Arduino OPEN HARDWARE OPEN HARDWARE new ways of making
This can also mean increased surveillance prediction and control of people and the environment. However, as outlined by Rob Van Kranenburg,
AND ACCELERATORS MAKER AND HACKER SPACES ADVISORY OR EXPERT BODY INVESTMENT AND FUNDING 152 26 13 74 76 70 30 30 31 32 0 Project
enhancing cybe-security and mainstreaming digitalisation. The Digital Agenda for Europe20 Innovation Union21, and Horizon 202022 present an integrated approach to help the EU economy become more competitive,
and encryption Federated identity management Data control and data ownership The EU data protection reform package Directive on the reuse of public sector information Copyright reform Net Neutrality Magna carta for the Internet Enabling
and harmonise these areas whih, have so far been isolated left to developers, activists and hackers.
as given in both legal frameworks (such as data protection) and technologies (such as encryption) should apply to individual citizens.
In particular, more support is needed for encryption and anonymity technologies, such as attribute-based credentials built by ABC4TRUST63.
76 Growing a Digital Social Innovation Ecosystem for Europe DATA CONTROL AND DATA OWNERSHIP PRIVACY-AWARE TECHNOLOGIES AND ENCRYPTION An important effort towards a federated identity system
and analysed with the main objective of maximising value extraction (e g. for marketing, economic competition and surveillance).
to keep the Internet open, without surveillance and censorship, and to halt power abuses from Governments and corporations.
However, noninstitutional actors (hackers, geeks, social innovators and activists) are key in this process since they are able to generate creativity,
We found that the Authority actively monitors its exposure to risks related to technology approaching end-of-life.
This will enable engagement with stakeholders regarding risk cost, prioritisation and funding. 1 ttp://www. nhsbsa. nhsh. uk/Prescriptionservices/809. aspx 2 The Mcdonnell douglas hardware
in order to provide further assurance that risks arising from the move could be mitigated. The information governance arrangements are thorough and in line with NHS policy.
However, the IT staff we spoke to are unaware of the arrangements and accreditations to deal with the risks of cyber threat, fraud and other security threats. 6 Part One NHS Prescription Services:
or deliver a service in a different way. 1. 2 Public services that rely on legacy systems face a number of risks.
the government's stated preference is to extend the lives of such systems rather than face the risks and costs of replacing them.
service performance over time, with associated costs and risks; and an enterprise analysis8 measuring how mature the organisation is in managing,
Prescription Pricing Authority NHS Pensions Agency Dental practice Board NHS Logistics Authority NHS Counter Fraud and Security Management Service Authority.
and to address impending risks relating to technology approaching end-of-life. 2. 8 To meet the capacity demands,
Whilst this remains the case, the Authority is unlikely to be allowed to invest in the electronic submissions enhancements systems that could combat the risk of such frauds.
and address impending risks relating to technology approaching end-of-life. The Authority then took a sensible approach towards implementation with a feasibility study before moving to a controlled pilot
The legacy system is hindering compliance with NHS information standards 4. 9 The Authority has comprehensive corporate governance arrangements and a corporate risk register,
which describes strategic risks, their probability, potential impact and the agreed mitigations. A prescription pricing service programme board which includes representatives from the business
and the IT group meet monthly to discuss service issues, enhancements and risks, and ICT is discussed during these meetings. 4. 10 Risks discussed at the service area programme board feed into the corporate risk register.
An'end-of-life technology'risk register is maintained also that logs the risk and impact of a technology component that is approaching
or is already end-oflife. This ensures that the Authority is monitoring its exposure to risks related to technology that is approaching end-of-life in current systems. 3 4 NHS Prescription Services:
the impact of legacy ICT Part Four 23 4. 11 The Authority has adopted an enterprise architecture approach to ensure alignment of IT and business services,
with a small number of standby staff available to cover for absences and emergencies. The staff we met are typically long-serving and experienced,
the impact of legacy ICT Part Four 27 4. 25 The IT service provider is responsible for the disaster recovery and perimeter security arrangements and for carrying out regular disaster recovery
in order to provide further assurance that risks arising from the move can be mitigated. 4. 26 The information governance arrangements are thorough and in line with the NHS policies,
and the Authority assesses its compliance against the NHS-wide Information Governance Toolkit. 13 No major security incidents were reported in 2011-12.
However, the IT staff we spoke to were unaware of the arrangements and accreditations to deal with the risks of cyber threat and fraud and other security threats.
the impact of legacy ICT Part Five 31 Figure 10 Lessons from the prescription pricing service Lessons Commentary Senior management ownership of IT risk leads to proactive decisions
and address risks created by legacy systems The legacy issues and risks identified in the CIP business case that led to the decision to implement CIP still exist.
The inability to scale the system to meet demand; the lack of flexibility to adapt to changes of business rules;
and updates to reflect changes in its business environment and/or exploit new technologies. Business case and funding Business case (s) for replacement reflect good practice (e g.
and prioritise changes in business requirements and legacy ICT capabilities, risks and issues, opportunities and threats.
Data quality and assurance A clear and consistent strategy for data standards and architecture ensures a coordinated approach to continually improve the quality of information provided by the legacy system.
Risk management Risk management processes ensure that the business risk appetite is documented and legacy ICT and information assurance related risks are identified
and regularly reviewed, documented and managed at a sufficiently senior level, with mitigating arrangements agreed.
Key stakeholders have clear visibility of the level of risk exposure. Implementation Lifecycle management The system is readily adaptable to changing business needs
with risks and issues managed effectively. Management of supplier services Outsourced services are managed actively and regularly market tested to ensure value for money,
Security processes The legacy ICT system meets government security standards (accreditation) in a cost-effective manner
and its security controls ensure the confidentiality, availability and integrity of data. External security risk assessments are carried out regularly.
No bespoke security systems or processes are required. Technology Applications The legacy ICT system fully integrates with the wider ICT environment using standard protocols or common application programme interfaces.
Software versions are current and fully supported with plans in place for future upgrade. Performance. The availability and performance of the legacy system is captured as part of service performance measurement.
and security patches systematically. Test facilities exist that replicate the production environment exist or can easily be created
22 Building security and trust...26 Legal uncertainties...28 E-business adoption challenges: lessons from EBIP...
SMES also face generic barriers to adoption including trust and transaction security and IPR concerns,
policy responses, 3 october. 5 Trust infrastructure Get the regulatory infrastructure right for trust, security, privacy and consumer protection.
Essential are a culture of security to enhance trust in the use of ICT, effective enforcement of privacy and consumer protection,
OECD (2002), Guidelines for the Security of Information systems and Networks: Towards a Culture of Security;
OECD (1999), Guidelines for Consumer Protection in the Context of Electronic commerce; OECD (1998), Ministerial Declarations on the Protection of Privacy in Global networks, on Consumer Protection in the Context of Electronic commerce and on Authentication for Electronic commerce adopted in Ottawa in 1998 C (98) 177, Annexes 1
security (including spam and viruses), privacy and consumer protection. Intellectual property protection of ICT innovations and digital products is necessary to build the confidence among SMES that is essential
organisational, security, trust and management skills in addition to ICT skills) in conjunction with education institutions, business and individuals.
organisation and innovation and investment and change entails risks and costs as well as bringing potential benefits.
which may entail proportionally greater costs and risks for SMES. In addition, smaller firms may have fewer incentives to integrate their business processes than larger firms,
and security and trust factors (security and reliability of e-commerce systems, uncertainty of payment methods, legal frameworks.
such as on-line security. In Canada, among businesses that did not buy or sell over the Internet,
%40%50%Do not trust technology/security Customer's access to Internet is insufficient It w ould not pay off No skilled personnel Does not apply to the type of enterprise/product Micro firms w ith 0
and avoid the risks associated with new investments and new business models. Strong links with customers and suppliers along the value chain as well as the lack of competition in the related market may also discourage businesses from introducing new business models
because firms that conduct e-commerce have to live with the risk of computer viruses and other system failures.
especially in an emergency, are needed to minimise the loss from a system malfunction, the e-commerce system of the firm may be vulnerable
Building security and trust Lesser known SMES are at a clear disadvantage in terms of buyer confidence compared with large multinationals with highly recognisable brand names.
consumers who use credit cards for on-line transactions are concerned highly about security, protection of credit-related information and secure system firewalls.
SMES are likely to face increasing costs for system protection and security measures (Phillips, 2002). Statistical surveys show that security issues (viruses,
hackers) are among the most important perceived barriers to Internet use by businesses (B2b and B2c),
although large firms perceived these barriers as more important than small ones presumably because they were more likely to be transacting
for face to face interaction 38.7 31.5 38.3 32.6 30.2 32.5 31.0 28.3 30.6 33.8 Concern about privacy of data or security issues 47.4 61.1 48.1 48.4 55.1
Small businesses can risk being sued in multiple jurisdictions under a number of inconsistent laws. More generally
transaction security, legal structures, IPR issues) were of lower concern on average but were seen more often as being negative, particularly in areas such as protection of IPRS and general legal structures.
On the other hand, in the confidence area, large firms were more negative about transaction security (they are also more likely to be transacting on-line than small firms),
high speed and security measures to protect the transmission of confidential data and other critical messages.
Many commercial factors inhibit small business debt financing including high transaction costs for small loans, lack of sufficient collateral and high risk in innovative start-ups and micro-enterprises.
especially when consultation services are provided to help develop business strategies based on realistic assessments of benefits and costs. 37 Security,
confidence building and the legal framework Business and consumer confidence in the security and trustworthiness of on-line transactions is essential to the development of e-commerce.
High levels of concern about on-line security, changes in technologies and the overall on-line environment are reflected in the 2002 OECD Guidelines for the Security of Information systems and Networks:
Towards a Culture of Security, a revision of the 1992 OECD Guidelines on Security of Information systems.
and security in on-line transactions, for example by introducing and demonstrating authentication and digital signature systems. 39 E-procurement,
In the first place, they should help SMES self-assess the costs and risks as well as opportunities related to ebusiness.
and general framework policies including access to infrastructure, a seamless legal/regulatory environment, on-line security,
Address security trust and confidence through broad policy frameworks, regulatory and self-regulatory tools, trustworthy technologies and affordable redress mechanisms.
progress report, DSTI/IND/PME (2002) 7/ANN/FINAL, OECD, Paris. OECD (2002e), Guidelines for the Security of Information systems and Networks:
Towards a Culture of Security, OECD, Paris. OECD (2002f), Guidelines for Protecting Consumers from Fraudulent and Deceptive Commercial Practices Across Borders, OECD, Paris. OECD (2003a), Broadband driving growth:
new technologies and new sales channels can often better meet the needs of at-risk social groups such as the elderly
as well as contracts dealing with certain securities. Article 9 (3) of the ECD obliges the Member States to regularly inform the Commission about the contracts for which the equivalence principle does not apply.
and interests on the grounds of public health, public security and 71 Directive 98/48/EC of the European parliament and of the Council of 20 july 1998 amending Directive 98/34/EC laying down a procedure for the provision of information in the field
and techniques to identify emerging online threats for consumers. 80 Commission Decision of 24 october 2005 establishing an expert group on electronic commerce,
offering a video-sharing site would probably be too great a commercial risk. Other intermediaries also maintained that the liability exemptions of the E-commerce Directive are essential for their trust in online activities.
but also sites containing child pornography, racist and xenophobic content, defamation, incitements to terrorism or violence in general, illegal gambling offers, illegal pharmaceutical offers, fake banking services (phishing), data protection infringements,
of technical systems of protection and identification methods and of technical surveillance instruments made possible by digital technology within the limits of Directives 95/46/EC and 97/66/EC".
The Mou sets out a series of joint principles including effective and balanced measures to prevent offers of counterfeit goods from being listed on internet platforms. 132 A similar EU level dialogue on online piracy
The UK Terrorism act provides a specific procedure for terrorism-related information; 43 The Spanish"Ley Sinde"does not target the end user
The french Law on the performance of internal security also puts in place a mechanism for blocking child pornography. 3. 4. 4. 3 Persisting issues According to a majority of stakeholders that responded to the public consultation,
Certain stakeholders also consider it socially undesirable that the takedown of manifestly illegal information (for instance child pornography) is sometimes less fast than the takedown of illegal information where there is a financial gain involved in the takedown (for instance phishing websites.
in the UK, intermediaries have to act within 2 days for terrorism-related illegal content.
A report conducted by Cambridge University136 demonstrates that the average time before takedown of child pornography sites is much longer than the time before takedown of phishing sites. d) Liability for providing wrongful notices
or for taking down or blocking legal content NTD procedures do not exclude a risk that wrongful notices are provided to intermediaries (in good faith or bad faith) and that intermediaries,
on the Economics of Information security (WEIS 2008), June 25 28 2008; available at: http://www. cl. cam. ac. uk/rnc1/takedown. pdf 46 Many stakeholders consider that the legitimacy of private operators deciding on the takedown of content without the intervention of a court depends on the extent to
Moreover, the Court argued that implementing a filtering technique should not be confused with monitoring as recital 40 of the Directive explicitly mentions that the Directive's provisions relating to liability should not preclude the development and use of technical surveillance instruments.
suggesting that to some extent there is an obligation of surveillance. In the UK, BT and Talktalk, two internet service providers, had contested the validity of the Digital economy Act (DEA,
Any filtering approach brings the risk of a technological"arms race"between those imposing filters and pirates.
For instance, in France, the HADOPI law (mentioned in Chapter 3. 4. 4. 2) is said to have led to an increased use of encryption of traffic, the use of VPN (virtual private networks) and the use of proxies.
On the one hand, filtering can, depending on the technology used, risk restricting freedom of speech by blocking legal content by mistake.
Typical trustmark systems consist of an accreditation mechanism with an independent supervisor for an online trader to meet the trustmark's requirements (including creditworthiness, security mechanisms, price transparency, provision of information, customer service, data protection
and respecting the particular needs and vulnerabilities of young users. 168 166 Only AT, DK, EE,
This does not always stop them from buying medicines online, with the result that they, often unconsciously, buy from illegal sites, with all the attendant health risks.
it will continue to analyse the risks related to the online sales of medicines in the context of the transposition
joint surveillance actions("sweeps")have been carried out on the basis of UCP provisions (websites selling airlines tickets, online mobile phone services, websites selling consumer electronic goods;
or extra risks linked to having to comply with rules different to those of the Member State of establishment.
In addition, online service providers have invoked as objective justifications for different treatment the perceived insecurity of transactions and the higher risk of fraud and non-payments in cross-border transactions
First of all, risk aversion tends to make investors and banks shy away from financing firms in their start-up and early expansion stages.
while, on the other hand, a certain degree of filtering is necessary to block harmful traffic such as cyber attacks
and common cultural preferences (humour, taste, decency, etc) the production and consumption of cultural products still remains overwhelmingly national. 196 Intellectual property right holders also raised the issue of counterfeiting and piracy as an obstacle to e-commerce.
Piracy deprives creators from a fair reward whereas counterfeiting distorts the Single Market because of the unfair competition between businesses.
One of the crucial means of combating piracy is the development of legal offers by providers.
Additionally, the Directive entails new harmonised rules on the passing of risk in sales contracts and the default timelimit for the delivery of goods as well as a ban on hidden charges,
in particular by improving the mutual recognition, interoperability and security of these systems. A large majority of stakeholders confirmed the need for regulatory measures regarding the mutual recognition and acceptance of e-identification and authentication throughout the EU. In 2012,
a lack of payment security and data protection, and finally uncertainties relating to liability in case of unauthorised payments or unsatisfactory deliveries.
PDF 87 The cost of payments can be correlated partly to the risk of fraud, which seems to be very significant for both online and offline payments,
This raises the question of the security of payments: a lack of trust is symptomatic,
and both merchants and consumers experience failures in the security of payments. All relevant market actors seem willing to address this problem
while realising that there is a trade-off between the level of security and convenience for the consumer.
It is important that the perceived lack of security does not continue to hamper e-commerce, especially at a cross-border level.
More competition More choice and transparency for consumers More innovation More payment security and customer trust Each of these objectives would benefit from a more integrated European market for card,
Finally, the Paper deals with payment security and data privacy and the possibilities for improvements in this area.
In addition, the delivery deadline for goods and the question of who bears the risk of loss or damages of shipped goods are two of the main difficulties encountered by consumers in online B2c-transactions
Article 20 provides that the consumer will be protected against any risk of loss or damage of the goods occurring before he has acquired the physical possession of the dispatched goods. The Consumer Rights Directive,
such as the time, method and place of delivery, carriage of goods and the effects of delivery on the passing of risk.
Furthermore, the issues of accountability for delivery and transfer of risk are resolved only to a certain extent at EU level (see Chapter 4. 4. 1). The complaint mechanism procedure is therefore not uniform or harmonized,
because the Internet continues to be perceived as a risk area, generating potential disputes which cannot be solved easily partly because of the nature of this virtual exchange zone.
The Commission has also been involved in the discussions within the Internet Governance Forum (IGF) on issues such as the sustainability and security of the Internet.
Access Impediment Act (repealed) ACT CVIII of 2001 on certain aspects of ecommerce services Law on information society services Terrorism act 2006/Digital economy Act 2010 Articles
which may not be published or distributed"Terrorism related.//Copyright Horizontal Copyright Horizontal 3. Notice provider=who initiates the notice procedure?
-noticeprovider-protected work-IPR holder-nature infringement-location infringing material-declaration that content is related terrorism-order to secure that content is not available to the public
-the decree of 20 june 2009 lays down the basis for a public website for reporting cybercrime (notably child abuse content, financial crime and racist content
Overtext Web Module V3.0 Alpha
Copyright Semantic-Knowledge, 1994-2011