How to build trusted tech: Regulators, tech giants and lawyers uncover top strategies

By Huawei

Experts discuss the importance of establishing trust in the tech industry, and share practical tips on building a framework of trust.

One of pop culture’s most shocking betrayal is that of Lando Carlrissian in Star Wars: The Empire Strikes Back. After a visit by Darth Vader, Lando agrees to help trap his old friend Han Solo and the rebels. While he later finds redemption, his betrayal threw many viewers for a loop.

In the same way, breaking the trust of the people you serve comes with consequences. Trust has to be built across many years, and can be lost in an instant, says René Arnold, Vice President Public Affairs Strategy at Huawei Technologies. In a digital age, establishing trust is even more important in the face of misinformation, cyber attacks, and data leaks.

In GovInsider’s recent webinar on Trust in Tech: Forging Partnership between Government and Industry, industry experts discussed how the government and industry can cooperate to establish trust in a digital world.

How to measure trust

Just as banks have credit rating systems, organisations should have a standard way to measure trust, said Phillip Heah, Chief Executive Officer of Credence Lab.

Heah formerly oversaw tech regulation as Assistant Chief Executive (Resilience and Cybersecurity) at Singapore’s Infocomm Media Development Authority. He has set up the Credence Data Trust Rating System, which examines if an organisation is handling their customers’ personal data properly.

One of the system’s focuses is on measuring an organisation’s overall readiness on dealing with data. Heah emphasised the importance of each employee knowing their responsibility in handling data. This echoed Arnold’s thoughts: “It's not just the cybersecurity officer who is in charge of security.”

But there is still a long way to go, said technology journalist Amit Roy Choudhury, who moderated the webinar.

“Transparency is a must to enhance digital trust, but we are still in the process of understanding which is the best way to establish an easy to use digital transparency index,” he explained.

While there is no clear answer yet for how trust can be measured, Warren B. Chik, Associate Professor of Law with the Singapore Management University School of Law, raised the possibility of AI auditing machines in the future. Chik is also Deputy Director at the Centre for AI and Data Governance.

The finance industry already uses AI and machine learning to improve the processes and quality of audits. Tech may soon do the same.

Assurance is key

The key to building trust is assurance, panellists agreed. Customers and investors need to know that organisations are handling data well. Governments play a crucial role here to put proper regulations and penalties in place.

These regulations should encourage openness and clarity, said Chik. “The more I know about what a company or organisation is doing with my information, the more willing I am to transact and share,” he continued.

Singapore’s Personal Data Protection Act, for example, requires companies to inform victims if a data breach involved 500 or more people, or if personal information was compromised.

“The faster you tell people there’s a problem and you’re dealing with it, the better it is to maintain trust, because people know you’re on top of it,” explained Chik.

These rules should also come with a penalty if they are broken to ensure accountability, he added. For instance, Singapore’s Cybersecurity Act regulates how organisations tackle cybersecurity threats and incidents.

Having regulations in place is not enough, however. Organisations need to make their terms and process as simple as possible to understand. Heah observed that one government website had a privacy notice of over 8000 words.

“It is almost impossible to understand, even for someone who is familiar with the topic,” he said. “This area of communication with consumers is another area we should be looking at.”

Keeping up-to-date with technology to ensure security

While governments and organisations can set out regulations for tech, its rapid development means it should be constantly reviewed, said Chik. There needs to be processes in place to ensure new innovations are not being abused, he added.

Good cybersecurity also doesn’t have to be expensive. Some organisations tend to collect more information than they need and store it carelessly, Chik pointed out. Keeping data on a laptop, rather than on the internet, is an affordable and effective way to reduce risk, he said.

It is important for both governments and organisations to stay updated on technological progress, to keep regulations and cybersecurity updated, Arnold shared.

Collaboration across industry players and governing bodies will set the foundation of digital trust moving forward. With greater transparency across the industry, data will be more readily shared, creating an open data ecosystem where innovation can flourish.