as well as averting the risks of misuses that inevitably accompany any step of human evolution I am thankful to the authors for this startling journey into a nascent field,
the military to espionage. But there has been much less systematic support for innovations that use digital technology to address social challenges
hackers and activists The Commission must create the conditions where digital businesses, social entrepre -neurs and DSI communities can thrive.
There is great potential to exploit digital network effects, in social innovation activity and new services that generate social value,
-ers in†at the expense of security, privacy and openness: protocols are often propri -etary, the systems are centralised (particu
A main Internet trend-threat is recognised today: an increasing con -centration of power in services in the
Smart Cities project risks being dominated by US companies such as IBM, Google and Ciscos, partly because of the lack of
net-neutrality, strong encryption, banning of trivial patents, open standards and free software together with the multi-stakeholder governance model
A major risk for the Future Internet is the realisation of the †Big Brother†scenario, with big industrial
there is a risk that the innovation ecosystem will become more closed, favouring incumbents and dominant players, thereby in time constraining
NSA data-gate showed that intelligence agencies and governments have been engaging in mass surveillance operations, with huge implication on civil
liberties and privacy 20 Growing a Digital Social Innovation Ecosystem for Europe 1 1 7
-ing, Maker and hacker spaces, Investing and Funding, Event, Incubators and Accelerators, Advisory or expert body, Education And Training. 3 Technology
3d printing facilities (maker spaces and hacker spaces. There are now 96 known ac -tive hacker spaces worldwide, with 29 in the United states, Â according to Hackerspaces
org. There are many more Hacklabs around the world that are branded not as hacker spaces, but are community labs that incentivise the diffusion of free and p2p culture
and open technology Makerspaces are new and rapidly evolving hotbeds of innovation, which have been facilitated by the latest in prototyping technology,
have expanded from the electronics-centric hacker spaces to having a stronger emphasis on groups that attract a diversity of professionals such as artists, machinists, robotics
of civic innovators and hackers) to design and deliver public services that meet our societies†changing needs
respond to community emergencies Some of the best examples of DSI in Europe are clearly positively impacting society.
Make, a five day outdoor international camping festival for hackers and makers, and the Chaos Communication Camp, an international meeting of hackers that takes place
every four years, organised by the Chaos Computer Club (CCC) 11, an informal associa -tion of hackers from across Europe
OPEN ACCESS The Open Access Ecosystem approach (including open access to content, open standards, open
The Chaos Computer Club (CCC), Europe†s largest network of hackers, is the most prominent example of grassroots commu
and provide information about technical and societal issues, such as surveillance, privacy freedom of information, hacktivism and data security.
The CCC is based in Germany and other German-speaking countries and currently has over 4, 000 members.
Supporting the principles of the hacker ethic, the club also fights for free access to computers and
The Chaos Computer Club (CCC) HACKERS NETWORKS 34 Growing a Digital Social Innovation Ecosystem for Europe
HACKER SPACES ADVISORY OR EXPERT BODY INVESTMENT AND FUNDING 152 26 13 7674 70 32313030
-ing cybe-security and mainstreaming digitalisation The Digital Agenda for Europe20 Innovation Union21, and Horizon
Privacy-aware technologies and encryption Federated identity management Data control and data ownership The EU data protection reform package
Privacy-aware technologies and encryption Federated identity management Data control and data ownership The EU data protection reform package
and hackers. Recognising DSI€ s strong social value, besides its strategic contri -bution to repositioning Europe worldwide
In particular, more support is needed for encryption and anonymity technologies, such as attribute-based credentials built by ABC4TRUST63
AND ENCRYPTION An important effort towards a federated identity system Is federated the W3c Social Web Working Group58 to develop
extraction (e g. for marketing, economic competition and surveillance In this context, the infrastructure should preserve the right of data-portability57, and
and freedoms, to keep the Internet open, without surveillance and censorship, and to halt power abuses from Governments
However, noninstitutional actors (hackers geeks, social innovators and activists) are key in this process since they are able to generate creativity,
ï We found that the Authority actively monitors its exposure to risks related to technology approaching end-of-life.
engagement with stakeholders regarding risk, cost, prioritisation and funding 1 ttp://www. nhsbsa. nhsh. uk/Prescriptionservices/809. aspx
relocation in order to provide further assurance that risks arising from the move could be mitigated ï The information governance arrangements are thorough and in line with NHS
accreditations to deal with the risks of cyber threat, fraud and other security threats 6 Part One NHS Prescription Services:
the impact of legacy ICT Part One The National Audit Office's assessment of government's legacy ICT
1. 2 Public services that rely on legacy systems face a number of risks. Availability can be impacted through unreliability or failure of worn components.
face the risks and costs of replacing them. This was made clear in a response to the
performance over time, with associated costs and risks; and an enterprise analysis8 measuring how mature the organisation is in managing,
ï NHS Counter Fraud and Security Management Service Authority Prescription Services 2. 2 NHS Prescription Services,
and to address impending risks relating to technology approaching end-of-life 2. 8 To meet the capacity demands, CIP implemented high-speed scanning
submissions enhancements systems that could combat the risk of such frauds. Such matters are excluded therefore from the scope of our investigation
and address impending risks relating to technology approaching end-of-life. The Authority then took a sensible approach
corporate risk register, which describes strategic risks, their probability, potential impact and the agreed mitigations.
A prescription pricing service programme board which includes representatives from the business and the IT group meet monthly to
discuss service issues, enhancements and risks, and ICT is discussed during these meetings 4. 10 Risks discussed at the service area programme board feed into the corporate
risk register. An'end-of-life technology'risk register is maintained also that logs the risk and impact of a technology component that is approaching,
or is already end-of -life. This ensures that the Authority is monitoring its exposure to risks related to
technology that is approaching end-of-life in current systems 43 NHS Prescription Services: the impact of legacy ICT Part Four 23
4. 11 The Authority has adopted an enterprise architecture approach to ensure alignment of IT and business services,
with a small number of standby staff available to cover for absences and emergencies The staff we met are typically long-serving and experienced,
security arrangements and for carrying out regular disaster recovery rehearsals and penetration test exercises. However, there is no evidence of either test being carried
further assurance that risks arising from the move can be mitigated 4. 26 The information governance arrangements are thorough and in line with the NHS
Governance Toolkit. 13 No major security incidents were reported in 2011-12 However, the IT staff we spoke to were unaware of the arrangements and
accreditations to deal with the risks of cyber threat and fraud and other security threats Technology
Our assessment Key finding Now Future The technology put in place is effective but there are questions
ownership of IT risk leads to proactive decisions being made regarding the replacement or retention of
and address risks created by legacy systems The legacy issues and risks identified in the CIP business case that led
to the decision to implement CIP still exist. The inability to scale the system to meet demand;
changes in its business environment and/or exploit new technologies Business case and funding Business case (s) for replacement reflect good
capabilities, risks and issues, opportunities and threats Enterprise architecture There are clear links and strong alignment between
Data quality and assurance A clear and consistent strategy for data standards and architecture ensures a coordinated approach to continually
Risk management Risk management processes ensure that the business risk appetite is documented and legacy ICT and information assurance related
risks are identified and regularly reviewed, documented and managed at a sufficiently senior level, with mitigating arrangements agreed.
Key stakeholders have clear visibility of the level of risk exposure Implementation Lifecycle management The system is readily adaptable to changing business
needs and evidence of structured development and enhancement throughout its life can be seen. Testing plans and procedures are designed in partnership
with risks and issues managed effectively Management of supplier services Outsourced services are managed actively and regularly market tested to ensure value for money,
Security processes The legacy ICT system meets government security standards (accreditation) in a cost-effective manner and its security controls
ensure the confidentiality, availability and integrity of data. External security risk assessments are carried out regularly.
No bespoke security systems or processes are required Technology Applications The legacy ICT system fully integrates with the wider ICT
environment using standard protocols or common application programme interfaces. Software versions are current and fully supported with plans in
place for future upgrade Performance. The availability and performance of the legacy system is captured as part of service performance measurement
functional and security patches systematically. Test facilities exist that replicate the production environment exist or can easily be created
Building security and trust...26 Legal uncertainties...28 E-business adoption challenges: lessons from EBIP...29
trust and transaction security and IPR concerns, and challenges in areas of management skills technological capabilities, productivity and competitiveness.
Get the regulatory infrastructure right for trust, security, privacy and consumer protection Essential are a culture of security to enhance trust in the use of ICT, effective enforcement of privacy and
consumer protection, and combating cyber-crime and spam. Strengthened cross-border co-operation between all stakeholders is necessary to reach these goals.
Security of Information systems and Networks: Towards a Culture of Security; OECD (1999), Guidelines for Consumer Protection in the Context of Electronic commerce;
OECD (1998), Ministerial Declarations on the Protection of Privacy in Global networks, on Consumer Protection in the Context of Electronic
security (including spam and viruses), privacy and consumer protection. Intellectual property protection of ICT innovations and digital products is necessary to build the
including marketing, organisational, security, trust and management skills in addition to ICT skills) in conjunction with education institutions, business and individuals
investments in skills, organisation and innovation and investment and change entails risks and costs as well
organisational and management changes which may entail proportionally greater costs and risks for SMES In addition, smaller firms may have fewer incentives to integrate their business processes than larger firms
and security and trust factors (security and reliability of e-commerce systems uncertainty of payment methods, legal frameworks
security. In Canada, among businesses that did not buy or sell over the Internet, 56%believed that their
%Do not trust technology/security Customer's access to Internet is insuff icient It w ould not pay off
and avoid the risks associated with new investments and new business models. Strong links with customers and suppliers along the value chain as well as the lack of competition
with the risk of computer viruses and other system failures. If ICT support services, especially in an
Building security and trust Lesser known SMES are at a clear disadvantage in terms of buyer confidence compared with
security, protection of credit-related information and secure system firewalls. As more on-line clients demand secure transaction environments, SMES are likely to face increasing costs for system protection
and security measures (Phillips, 2002. Statistical surveys show that security issues (viruses, hackers) are among the most important perceived barriers to Internet use by businesses (B2b and B2c), although large
firms perceived these barriers as more important than small ones presumably because they were more
likely to be transacting and have a larger share of transactions over the Internet (OECD, 2002c).
of data or security issues 47.4 61.1 48.1 48.4 55.1 48.6 45.4 44.7 45.3 44.2
confidence factors (e g. brand image, transaction security, legal structures, IPR issues) were of lower concern on average but were seen more often as being negative, particularly in areas such as protection of
transaction security (they are also more likely to be transacting on-line than small firms), and were more
high quality, high speed and security measures to protect the transmission of confidential data and other critical messages.
loans, lack of sufficient collateral and high risk in innovative start-ups and micro-enterprises. To the extent
Security, confidence building and the legal framework Business and consumer confidence in the security and trustworthiness of on-line transactions is
essential to the development of e-commerce. It largely hinges on assuring both businesses and consumers
High levels of concern about on-line security, changes in technologies and the overall on-line environment are reflected in the 2002 OECD â€oeguidelines for the Security of Information systems and
Networks: Towards a Culture of Securityâ€, a revision of the 1992 â€oeoecd Guidelines on Security of
Information Systemsâ€. Regarding authentication for e-commerce, the 1998 OECD Ottawa Declaration on Authentication for E-commerce gave favourable consideration to the 1996 Model Law on Electronic
trust and security in on-line transactions, for example by introducing and demonstrating authentication and digital signature systems
first place, they should help SMES self-assess the costs and risks as well as opportunities related to e
security, authentication and consumer protection 43 Summary General business framework and ICT policies have an important role in enhancing the conditions
•Address security, trust and confidence through broad policy frameworks, regulatory and self-regulatory tools, trustworthy technologies and affordable redress mechanisms
OECD (2002e), â€oeguidelines for the Security of Information systems and Networks: Towards a Culture of Securityâ€, OECD, Paris
new sales channels can often better meet the needs of at-risk social groups such as the elderly
dealing with certain securities. Article 9 (3) of the ECD obliges the Member States to
and interests on the grounds of public health, public security and 71 Directive 98/48/EC of the European parliament and of the Council of 20 july 1998 amending Directive
develop tools and techniques to identify emerging online threats for consumers 80 Commission Decision of 24 october 2005 establishing an expert group on electronic commerce, OJ L
defamation, incitements to terrorism or violence in general, illegal gambling offers, illegal pharmaceutical offers, fake banking services (phishing), data protection infringements, illicit
tobacco or alcohol advertisements, unfair commercial practices or breaches of the EU consumer rights acquis
and of technical surveillance instruments made possible by digital technology within the limits of Directives 95/46/EC and 97/66/EC
•A similar EU level dialogue on online piracy (copyright infringements) was launched in 2009 but did not result in a final agreement
•The UK Terrorism act provides a specific procedure for terrorism-related information 43 •The Spanish"Ley Sinde"does not target the end user
•The french Law on the performance of internal security also puts in place a mechanism for blocking child pornography
where there is a financial gain involved in the takedown (for instance phishing websites. A majority of the respondents to the consultation proposed a European notice-and-takedown
•in the UK, intermediaries have to act within 2 days for terrorism-related illegal
is much longer than the time before takedown of phishing sites d) Liability for providing wrongful notices or for taking down or blocking legal content
NTD procedures do not exclude a risk that wrongful notices are provided to intermediaries (in good faith or bad faith) and that intermediaries, acting on such notices, take down legal
Information security (WEIS 2008), June 25†28 2008; available at http://www. cl. cam. ac. uk/rnc1/takedown. pdf
development and use of technical surveillance instruments. Scarlet filed an appeal against the decision and on 28 january 2010 the Brussels Court of Appeal made a
surveillance •In the UK, BT and Talktalk, two internet service providers, had contested the validity of the Digital economy Act (DEA, discussed above) under the European law and in
Any filtering approach brings the risk of a technological"arms race"between those imposing filters and pirates.
said to have led to an increased use of encryption of traffic, the use of VPN (virtual private
technology used, risk restricting freedom of speech by blocking legal content by mistake. On the other hand, filtering techniques such as deep packet inspection could restrict the right of
creditworthiness, security mechanisms, price transparency, provision of information, customer service, data protection and dispute settlement. Well-known trustmarks within the EU include
respecting the particular needs and vulnerabilities of young users. 168 166 Only AT, DK, EE,
with all the attendant health risks The public consultation on e-commerce triggered a limited number of responses to online
addition, it will continue to analyse the risks related to the online sales of medicines in the
•joint surveillance actions("sweeps")have been carried out on the basis of UCP provisions (websites selling airlines tickets, online mobile phone services, websites
or extra risks linked to having to comply with rules different to those of the Member State of establishment.
objective justifications for different treatment the perceived insecurity of transactions and the higher risk of fraud and non-payments in cross-border transactions,
and the difficulty of resolving cross-border disputes which is aggravated by the persistent complexity of cross
First of all, risk aversion tends to make investors and banks shy away from financing firms in their start-up and early expansion stages.
degree of filtering is necessary to block harmful traffic such as cyber attacks and viruses Traffic management can,
Intellectual property right holders also raised the issue of counterfeiting and piracy as an obstacle to e-commerce.
Piracy deprives creators from a fair reward whereas counterfeiting distorts the Single Market because of the unfair competition between businesses.
crucial means of combating piracy is the development of legal offers by providers. In parallel the development of cross-border trade should also help increase the income of authors by
entails new harmonised rules on the passing of risk in sales contracts and the default time
security of these systems. A large majority of stakeholders confirmed the need for regulatory measures regarding the mutual recognition and acceptance of e-identification and
a lack of payment security and data protection, and finally uncertainties relating to liability in case of unauthorised payments or unsatisfactory deliveries
The cost of payments can be correlated partly to the risk of fraud, which seems to be very
This raises the question of the security of payments: a lack of trust is symptomatic,
failures in the security of payments. All relevant market actors seem willing to address this
problem while realising that there is a trade-off between the level of security and convenience
It is important that the perceived lack of security does not continue to hamper e-commerce, especially at a cross-border level.
•More payment security and customer trust Each of these objectives would benefit from a more integrated European market for card
with payment security and data privacy and the possibilities for improvements in this area The last part of the Green Paper touches on a crucial issue,
In addition, the delivery deadline for goods and the question of who bears the risk of loss or
risk of loss or damage of the goods occurring before he has acquired the physical possession
passing of risk. These rules in the Common European Sales Law also apply to B2b contracts
for delivery and transfer of risk are resolved only to a certain extent at EU level (see Chapter
because the Internet continues to be perceived as a risk area generating potential disputes which cannot be solved easily partly because of the nature of
Governance Forum (IGF) on issues such as the sustainability and security of the Internet Despite the usefulness of several multilateral dialogues on e-commerce, the Commission
Terrorism act 2006 /Digital Economy Act 2010 Articles 14-18 Decree-Law 7/2004 Royal Decree
"Terrorism related /Copyright Horizontal Copyright Horizontal 3. Notice provider=who initiates the notice procedure copy right
terrorism-related -order to secure that content is not available to the public or is
-the decree of 20 june 2009 lays down the basis for a public website for reporting cybercrime (notably child abuse content, financial crime and racist content
NTD procedures do not exclude a risk that wrongful notices are provided to intermediaries (in good faith or bad faith) and that
exploit technology, knowledge gaps and financial constraints. The extensive literature written on open innovation subjects highlights the motives,
the benefits and the barriers these but the studies focusing on the risks of open
but also the diversity of risks entailed, raising awareness of this framework of uncertainties. Within the study, our work highlights that open innovation in is impeded by risks related to
technology, market place, collaboration among partners, financial sources availability, clients needs, workforce knowledge and intellectual property rights
By undertaking this study we aim to contribute to the scarce literature on open innovation risks and to shed
open innovation, risk management, innovation performance, collaboration, resource availability JEL classification: O310 INTRODUCTION AND PURPOSE OF THE RESEARCH
many researchers, we found few studies addressing open innovation from the risk management perspective, especially in Central and Eastern europe
and especially on their potential of efficiently managing the risks this cooperation involves. To our
knowledge, there is a limited amount of empirical research on the risk management of open innovation processes. This paper aims to address these research gaps
drawbacks that such partnerships entail and thirdly to define a comprehensive structure of risks residing in open innovation,
by raising awareness on the factors that help mitigate the risks met by companies in their innovation process.
The research results support the importance of risk management in the open innovation environment Given the overall sparse attention given to the dark side of open innovation form the risk
management perspective, we consider worth addressing this deficiency through the challenge of defining a theoretical framework of risks encountered in external partnerships.
In order to build this we used the extensive support literature written on open innovation, since Chesbrough (2003) until
today and the relatively scant literature affiliated to open innovation risks. Additional research sources were case studies
We intend our study to make the path for future researches in the risk management area of
customer and supplier expertise outside the organization, sharing risk in product and service development, and enhancing company image and reputation (Wallin and Von Krogh, 2010.
market, and the risk involved with the development of new products and services (Chesbrough 2003; Reichwald and Piller 2009
reduced risk as others put their human capital to work on risky propositions; and accelerated time-to-market as innovation is freed from the shackles of the
to effectively exploit diversity and to share risk. Innovation collaboration allows organization to gain needed skills, technologies, assets,
and risks will be reduced by shared partnership ACTORS ON THE OPEN INNOVATION STAGE In the new models of innovation, different actors are collaborating together to turn a new
The scarce literature written about risk management dimension in open innovation projects is focused more on highlighting the barriers for a firm to approach open innovation rather than on
depicting the risks which accompany such collaborative arrangements. In our review of literature we show what impedes a company to perform
potential risk because the organization may lose its competitive edge over its competitors Additionally, this knowledge exposure could provide the rival organizations with added advantages
2009) shows that risks such as loss of knowledge, higher coordination costs, as well as loss of control and higher complexity are mentioned as frequent risks
connected to open innovation activities. In addition, there are significant internal barriers, such as the difficulty in finding the right partner, imbalance between open innovation activities and daily
cost reduction, knowledge gain, sharing risks and diversification of resources. We found that knowledge acquisition is perceived both as the highest
Since innovation is closely related to higher risks, the choice of involvement in external partnerships is a means of sharing the risks of the firm†s projects.
However, as later detailed, this open innovation projects may also entails a wide range of risks
which need to raise awareness of Internal resources are limited often, insufficient and unavailable for large innovation
While an open innovation strategy targets to decrease the risk related to the innovation process, it may also entail an increase of risk related to collaboration among different partners
However, there is a scarcity of research regarding the costs and barriers of open innovation A number of both internal factors (within individual companies or single industries) and
inherently brings along risks and costs. Our research distinctly points out to a paradox: even if the
may also reside threats that distort the initial objective of pursuing innovations and competitive advantage.
An open innovation strategy aims at decreasing the risk inherent to the innovation process but at the same time it may increase the risk inherent to collaboration with different partners
Tantau and Coras, 2013 Our study reflects that open innovation is hampered commonly by constraints related to
Figure 2. Open innovation risks Source: the authors The USV Annals of Economics and Public Administration Volume 14, Issue 1 (19), 2014
Figure 3 depicts in further detail the major risk drivers (internal and external) for a company
Knowledge sharing risks are correlated strictly with the lack of trust in the partner and poor communication among collaborators about common
Opportunism is regarded as high threat In open partnerships, firms seek skilled and talented external collaborators to work for the
Retention risk acts as a major constrain since turnover among work force can alter the quality of the partnerships and lead to major
People related risks are regarded as highest threats, since they are the major actors and assets in collaboration projects.
innovation, acts as a major risk and its impact is even greater when it is a translation of the top
which shows little support for innovation and low awareness of risks Undertrained workforce is a threat for a small firm
since it builds up a knowledge barrier from the firms it collaborates with Formally, open innovation bring into light the intellectual property rights protection.
Figure 3. Details of open innovation risks Source: the authors The USV Annals of Economics and Public Administration Volume 14, Issue 1 (19), 2014
Collaboration among partners, the core process of open innovation, entails a variety of risks that alter the purpose.
Collaboration risks are highly connected with knowledge loss and opportunistic behaviour, if partners allow each other to
The risk of technology leakage to rivals and a loss of control over the innovative process
outsourcing partners in order to avoid possible outsourcing risks. Highly specific to emergent countries, unethical behaviour is common and acts a major business risk.
Open innovation is also impeded by a high level of bureaucracy and firms find it harder to cover the administrative costs
partnership holds significant risks residing not only in the failure of collaborations but also in potential loss of competitive advantage should the critical internal competencies
ability to access external knowledge resources efficiently and overcoming the risks encountered in the process can become a huge competitive factor for companies
This paper has explored empirically the risk agenda companies encounter in the process of open innovation. Within the research, our work highlights that companies are allured to enter
pool of resources otherwise insufficient, to share risks that go along with their businesses While collaborating, we conclude that firms are impeded by risks related to workforce
knowledge sharing, complexity of collaboration, market tensions, client pressures, access to finance, technology advances and demands related to intellectual property rights protection
While generally scholars have focused their research of risks in open innovation on large companies rather than SMES, there is little knowledge on how the magnitude and impact of
open innovation threats are distinct for smaller firms than for larger companies. We also consider
we consider critical for further research the development of risk mitigation models for open innovation risk
REFERENCES 1. Arnold, R. 2008. Microeconomics. 9th ed. Mason: Southwestern Cengage Learning 2. Brunold, J. and Durst, S. 2012)" Intellectual capital risks and job rotation",Journal of
Intellectual Capital, Vol. 13 (2), pp. 178 †195 3. Chesbrough, H. 2003) â€oeopen Innovationâ€, Harvard Business school Press, Boston, pp. 43
Tantau, A. And Coras, E. 2013) â€oea risk mitigation model in sme†s open innovation
Overtext Web Module V3.0 Alpha
Copyright Semantic-Knowledge, 1994-2011