Digital standards

AI and digital standards

As AI innovations accelerate, work is being carried out in different standardisation spaces to develop standards for AI (covering issues such as safety, security, data protection, and transparency). And AI also holds promise to help improve the efficiency of standardisation processes. 

Standards for AI

‘Standards can underpin regulatory frameworks and […] provide appropriate guardrails for responsible, safe and trustworthy AI development.’ This very simple, yet very powerful statement comes from three major international standard-developing organisations – the International Electrotechnical Commission (IEC), the International Organization for Standardization (ISO), and the International Telecommunication Union (ITU) – and it makes two important points: first, that technical standards have an essential role in guiding the safe, secure, and trustworthy development and use of AI; and, second, that standards can (and should) act as a bridge between technology and policy. With AI regulations multiplying, standards are increasingly seen as a mechanism to demonstrate compliance with legal provisions. This is the case, for instance, with the upcoming EU AI Act, which references standards (to be) developed by the three main European standards development organisations (SDOs): the European Committee for Standardization (CEN), the European Electrotechnical Committee for Standardization (CENELEC), and the European Telecommunications Standards Institute (ETSI). International standards are particularly relevant when advancing trustworthy AI: Built through consensus and implemented voluntarily across industries around the world, international standards can set a common denominator for the safety and security of AI products while also facilitating interoperability between them. Moreover, standards can foster international trade and sustain competitiveness, among many other possibilities. There are numerous international SDOs where AI standardisation takes place. Notable among these are the various study groups and focus groups at ITU’s Telecommunication Standardization Sector (ITU-T); the subcommittee on AI within the ISO/IEC Joint Technical Committee on Information Technology (ISO/IEC JTC 1); and the multiple standards projects for AI and autonomous systems at the IEEE Standards Association.  As AI competition between companies and nations accelerates, there seems to be more and more appetite to engage in international standardisation processes. Within SDOs, more and more standard proposals are being put forward by a growing number of actors. And the need for cooperation among like-minded partners in international standardisation processes is increasingly highlighted in geopolitical settings. For example, the EU-US Trade and Technology Council’s Joint Roadmap on Evaluation and Measurement Tools for Trustworthy AI and Risk Management (December 2022) lists ‘leadership and cooperation in international technical standards development activities’ as one of its three main areas of activities. 

AI in standards development 

Besides developing standards for AI, SDOs can also rely on AI techniques to facilitate and improve some of their activities. For instance, natural language processing and similar techniques can analyse vast amounts of technical standardisation documents such as proposals and comments. Generative AI could be tested in drafting initial versions of standards proposals (or at least certain components of those proposals). Machine-learning algorithms can be employed to avoid duplication of work in standardisation processes, determine gaps between existing technical standards and emerging technologies or industry needs, and identify inconsistency between existing and proposed standards. And one step further, there is also the potential of using AI to facilitate consensus-building in standardisation processes. Learn more on AI Governance.

Let’s say you need to measure something with a ruler, and the length is 10 centimetres. If I had to measure the line with my ruler, it would also be 10 centimetres. Rulers marked in centimetres are all the same: Manufacturers of rulers mark centimetres – or any other distance – according to a set standard.

Now take any credit card: its size is the same as any other credit card. If they were not the same, banks would have a hard time developing automated teller machines (ATMs) that would read credit cards in different sizes. Again, there is a standard that defines this size.

Our world is made up of standards – sets of agreed-upon rules that tell us how to do something. Standards exist in every field, including healthcare, aerospace, construction, measurement, and technology and the internet. Standards for digital technologies – called digital standards – are all around us, enabling devices to interact with each other, facilitating the exchange of information, and describing security procedures for internet of things (IoT) devices. Here is one example right in front of us: The letters of the alphabet on an English keyboard, including those that pop up on our mobile devices, follow the same pattern, called ‘QWERTY’ (next time you are typing, try to identify where these letters are on your keyboard or your keypad).

Digital standards cover a wide range of technologies and related infrastructures, devices, applications, and services.

Technical internet standards

They form the infrastructure that makes the internet work. Examples include the Transmission Control Protocol/Internet Protocol (TCP/IP) – two protocols that enable the exchange of data via the internet; various standards related to the domain name system (DNS), such as DNSSEC – DNS security extensions that help secure data exchanges; and the secure sockets layer (SSL) and its successor, the transport layer security (TLS), dedicated to protecting the security of internet connections.

Web standards

Web standards are related to the world wide web; they provide specifications for the development and functioning of online content and applications to ensure that they are accessible across devices and configurations. Some of the most widely used web standards are HyperText Markup Language (HTML), a plain text language that uses tags to define the structure of documents; eXtensible Markup Language (XML), another type of language used for sharing structured information; and Cascading Style Sheets (CSS), a language used in conjunction with HTML to control the presentation of web pages.

Why were web standards required?

By the late 1980s, the battle of network standards was over. TCP/IP gradually became the main network protocol, marginalising other standards. While the internet facilitated normal communication between a variety of networks via TCP/IP, the system still lacked common application standards.

A solution was developed by Tim Berners-Lee and his colleagues at the European Organization for Nuclear Research (CERN) in Geneva, consisting of a new standard for sharing information over the internet called Hypertext Markup Language (HTML). Content displayed on the internet first had to be organised according to HTML standards. HTML, as the basis of the web, paved the way for the internet’s exponential growth. Since its first version, HTML has been constantly upgraded with new features. The growing relevance of the internet has put the question of the standardisation of HTML into focus. This was particularly relevant during the Browser Wars between Netscape and Microsoft, when each company tried to strengthen its market position by influencing HTML standards. While basic HTML only handled text and photos, newer internet applications required more sophisticated technologies for managing databases, videos, and animation. Such a variety of applications required considerable standardisation efforts in order to ensure that internet content could be properly viewed by the majority of internet browsers. Application standardisation entered a new phase with the emergence of XML, which provided greater flexibility in the setting of standards for internet content. New sets of XML standards were also being introduced, such as the standard for the distribution of wireless content called Wireless Markup Language (WML).

Standards for networks and infrastructures

These cover technologies and architectures for mobile networks (e.g. 3G, 4G, 5G), broadband networks, and next-generation networks (e.g. cloud computing networks), to name just a few.

Mobile standards

Mobile standards are a set of standards developed for best communication via mobile devices. They incorporate standards regarding mobile networks and their compatibility with mobile operators. Mobile networks are networks in which the last communication link is wireless. The Global System for Mobile communication (GSM) was developed in 1991 by the European Telecommunications Standards Institute (ETSI). The GSM standard sets the rules for the use of the 2G mobile network. In the year 2000, the IS-2000 standard (also known as CDMA 2000) a set of 3G mobile technology standards was developed. The IS-2000 standard is set to make requirements and determine properties for sending and receiving audio and video data on mobile networks. Third-generation cellular standards were further polished and published by ITU’s Universal Mobile Telecommunications System (UMTS) standard in 2001. By 2009, a new set of standards aimed to improve the speed and capacity of mobile networks, and are referred to as Long-Term Evolution (LTE) or 4G networks. LTE looked to provide a new set of internet technologies, including high-definition video over the internet, gaming services, video conferencing, and 3D television. The next step for mobile standards was the development of the fifth-generation cellular network technology: the 5G network. The first implementation of 5G standards started in March 2019. 5G networks were envisaged as networks for massive device connectivity, high-speed internet, and low communication latency. More recently, discussions have emerged on the development of 6G networks and related standards.

Open standards

Standards that are open (i.e. open internet standards) allow developers to set up new services without requiring permission. Examples include the world wide web and a range of internet protocols. The open approach to standards development has been affirmed by a number of institutions. One such affirmation is the OpenStand initiative, endorsed by bodies such as the Institute of Electrical and Electronics Engineers (IEEE), the Internet Engineering Task Force (IETF), the Internet Architecture Board (IAB), the World Wide Web Consortium (W3C), and the Internet Society.

Standards are developed and adopted at the national, regional, and international levels. At the national level, standards developing organisations (SDOs) usually bring together experts from various stakeholder groups (e.g. governmental agencies, private companies, research institutes, academia, consumer organisations) to elaborate standards in multiple fields. Here an important role is played by the so-called national SDOs, which either develop national standards themselves (e.g. the British Standards Institution, the German Institute for Standardisation, and the Bureau of Indian Standards) or oversee the development of such standards by various accredited standards bodies (the American National Standards Institute and the Standards Council of Canada function by this model).

Regional SDOs are usually focused on the development of regional standards. They also facilitate cooperation between national SDOs, encourage the harmonisation of national standards, and support their development. Examples of such bodies include the European Committee for Standardization (CEN), the European Committee for Electrotechnical Standardization (CENELEC), ETSI, the Pacific Area Standards Congress (PASC), the African Organisation for Standardisation (ARSO), and the Pan American Standards Commission (COPANT).

At the international level, the International Electrotechnical Commission (IEC), the International Organization for Standardization (ISO), and ITU are key SDOs developing standards for digital technologies. Within ITU, the Telecommunication Standardization Sector (ITU-T) focuses on the development of international technical standards for information and communication technologies (ICTs) (known as ITU-T recommendations), although some standardisation work – related to radiocommunication systems – is carried out by the Radiocommunication Sector (ITU-R) as well.

Important standardisation work is also carried out within the IEEE, whose Standards Association (IEEE SA) develops standards related to computer technology, consumer electronics, cybersecurity, green and clean technology, and wired and wireless communications, among other; the IETF, which develops standards for the internet; the W3C, which is dedicated to standards for the world wide web; and the Third Generation Partnership Project (3GPP), which focuses on standards for cellular (mobile) telecommunications technologies, including radio access, core networks, and service capabilities.

These organisations have different membership structures, as well as their own rules and procedures for developing and approving standards. There are, however, a series of principles that tend to be generally applied across these organisations, such as consensus, transparency, openness, and due process.

The digital standardisation landscape also includes a wide range of industry forums and consortia, usually formed by private sector entities interested in developing specific standards to meet their common needs. Examples include the Broadband Forum (develops broadband network specifications); the LoRa Alliance (worked on the LoRaWan specification – a low-power, wide area networking protocol); the Connectivity Standards Alliance (focused on IoT technology standards); and the Organization for the Advancement of Structured Information Standards (OASIS) (works on various standards related to data exchange, cybersecurity, blockchain, etc.).

See also:

Technical standards have far-reaching economic and social consequences, promoting specific interests and altering the balance of power between competing businesses and/or national interests.

Technical implications

Standards ensure that hardware and software developed or manufactured by developed entities can work together as seamlessly as possible. Standards therefore guide the technical community, including manufacturers, to develop interoperable hardware and software. Beyond interoperability, standards also foster quality of service and quality of experience, as well as safety and security.

Economic implications

Standards support innovation and help develop and sustain competitiveness, thus the ability to contribute to economic growth. When adopted and implemented at the international level, standards also facilitate global trade. They are also relevant from a competition point of view. For instance, if companies are able to have their technology reflected in international standards, this could give them a market advantage.

Sustainable development

Digital standards can help societies take advantage of the opportunities offered by digital technologies, including in terms of devising effective responses to global challenges (e.g. climate change) and advancing economic, social, and environmental sustainability. To illustrate, standards related to the circular economy – developed at ISO and ITU-T – can help drive progress toward environmental sustainability.

Human rights implications

Once they make their way onto the market – embedded in various technologies – standards can provide the context for promoting or abusing human rights. For instance, web accessibility standards help ensure that governmental digital services are available to people with certain disabilities. Standards related to biometrics or surveillance systems – under development at ISO and ITU-T, for instance – can have implications for privacy, the right to non-discrimination, and other human rights.

Geopolitical implications

The (geo)political dimension of standards and standardisation processes has become more visible in recent years in the context of the intensifying economic and technological competition between nations. Governments are increasingly aware that if a country’s actors can influence standards in strategic industries, that country would likely obtain a significant advantage on the international stage. There are also concerns about the possibility of some actors advancing standard proposals that pose challenges to core values and principles upheld by some countries.

These and similar concerns have brought standards to the forefront of several geopolitical forums, resulting in calls and proposals for strengthened cooperation between partner nations.  At the G7, a Framework for Collaboration on Digital Technical Standards outlines several areas of cooperation, from identifying shared interests in the development of digital standards, to upholding integrity in the development of standards and supporting the inclusion of international principles for digital technologies in standardization processes.

Within Quad, Australia, India, Japan, and the USA have agreed to establish a Critical and Emerging Technology Working Group to facilitate cooperation on international standards and innovative technologies.

The EU-US Trade and Technology Council created in 2021 includes a WG on technology standards, dedicated to fostering transatlantic coordination and cooperation in standards for critical and emerging technologies.

New resources:

Although largely invisible, technical standards are all around us, from the protocols that make the internet work, to the dozens of specifications embedded into our mobile phones. At their core, standards describe how technologies, products, and services are made and how they work. This lets them work together and makes services safer and better.

For instance, one major breakthrough in 2022 was the Connectivity Standards Alliance adoption of Matter, a standard for interoperability between smart home devices. Supported by tech giants Apple, Amazon, Google, and Samsung, the new Matter standard is expected to increase the security of home devices. In the words of president and CEO of the Connectivity Standards Alliance Tobin Richards: ‘Matter also raises the bar for security, using blockchain to validate and store credentials on the home network, encrypting messages (commands) between devices, enabling local control (no cloud), and including a pathway to easy security updates’.

Beyond their technical nature, standards also have economic, social, and (geo)political dimensions. This multifaceted nature of standards has become increasingly visible in recent years. For instance, standards made it on the agenda of bilateral and multilateral intergovernmental frameworks such as the G7, G20, the Quad (Australia, India, Japan, the USA), and the EU-US Trade and Technology Council. They have also been discussed in unusual settings, such as the UN Human Rights Council.

What can we expect to see in 2023?

(a) Relevance of standards: From strength to strength

We can expect standards and standardisation processes to continue to increase in relevance in 2023 and beyond, in particular against the backdrop of intensifying technological competition between nations. Like-minded countries will likely work to strengthen cooperation and coordination on standards-related matters, in particular when it comes to the development of standards for emerging and advanced technologies. The EU-US Trade and Technology Council is just one example: building on agreements reached in 2022, the EU and the USA will work to increase standards cooperation and advance the development of international standards in areas such as quantum information science and technology, additive manufacturing, post-quantum encryption, and IoTs.

(b) A growing relationship with human rights

Another trend picking up in 2023 will be the nexus between human rights and digital standards. To start with, the Office of the High Commissioner on Human Rights will deliver its report to the UN Human Rights Council on ‘the relationship between human rights and technical standard-setting processes for new and emerging digital technologies’, as requested by the council in a June 2021 resolution. The report is likely to include recommendations on fostering more convergences between human rights and standardisation processes, as well as on strengthening the participation of civil society groups in standard-setting work. Then, within standards developing organisations (SDOs) themselves, there will likely be more and more discussions on the human rights implications of the standards under development, for instance, when it comes to AI, IoT, digital identities, and more.

(c) Standards as de facto governance tools

Standards are, in general, voluntary, and their success depends on the extent they are taken up by the industry. But sometimes, there are also clear links between standards and regulations: Standards can serve as the basis for regulation or can be used as regulatory tools themselves when they are made compulsory by law. The nexus between standards, regulations, and overall digital transformation is illustrated, for instance, by the upcoming 7th Cybersecurity Standardisation Conference in Brussels on 7 February, which will discuss standardisation as a way of supporting the EU’s cybersecurity-related laws such as the Cyber Resilience Act.

As regulation tends to lag behind technological progress, standards have an important role to play in ensuring the quality, safety, and security for technologies that are not yet covered by regulations. Moreover, as current geopolitical tensions are poised to reduce the chances for multilateral digital governance solutions, internationally-agreed digital standards could fill in this void by becoming de facto governance tools.

(d) New standards in the making 

While we expect some of the hype around advanced/emerging technologies (quantum computing, the metaverse, etc.) to tone down, standardisation processes will accelerate. For example, work on various standards for quantum computing and quantum communication will advance within bodies such as ITU, the International Organization for Standardization (ISO), and the International Electrotechnical Commission (IEC). When it comes to standardisation activities for quantum-safe cryptography, such work is also being carried out by national and regional SDOs such as the National Institute of Standards and Technology (NIST) in the USA and the European Telecommunications Standards Institute (ETSI) in the EU.

A few standardisation initiatives are emerging in order to ensure the future interoperability of metaverse platforms. The most prominent is the Metaverse Standards Forum supported by major tech companies. Also noteworthy is the pre-standardisation work on metaverse initiated at the ITU in December 2022. Similar pre-standardisation work, this time in relation to mobile networks, is gaining momentum at ETSI, where an industry specification group has started exploring use cases and frequency band requirements for terahertz (THz) communications, which is a candidate technology for 6G networks.