G20 digital ministers sign up for Digital Public Infrastructure push

They've also thought of the children, and the poor SMEs trying to stay secure

The G20 bloc's ministers responsible for the digital economy met in India on Saturday and proposed something interesting: a Framework for Systems of Digital Public Infrastructure (DPI).

The Framework comprises three elements:

  • Technology in the form of interoperable and reusable digital systems and applications (e.g., software codes, protocols, standards) that can be used across different use cases and sectors;
  • Governance standards that codify human rights and protection of personal data, privacy, and intellectual property, as well as accessible and transparent grievance redressal mechanisms. Governance can also extend to cover institutions and funding;
  • A community of private sector and civil society actors who collaborate.

The Outcome Document & Chair's Summary [PDF] produced by the ministerial meeting offers a more detailed description of the Framework, and describes it as representing principles for building robust, inclusive, human-centric, and sustainable digital public infrastructure.

It's not surprising the Framework has been recommended by the G20 while India holds presidency of the organization. As we reported last week, India has made the India Stack bundle of digital public goods a key diplomatic initiative.

The related term digital public goods is often also applied to free open source software, including Linux – one reason Red Hat's decision to stop sharing RHEL source code with the public has proved so controversial.

While the Framework is not binding, it is a further expression of interest in DPI, which has gathered more attention since the debut of India Stack. Another less visible effort – the US's Open Security Controls Assessment Language (OSCAL) – has won admirers for its ability to describe security baselines in an open format that allows sharing of controls.

The ministerial meeting also produced a set of "High-Level Principles to Support Businesses in Building Safety, Security, Resilience, and Trust in the Digital Economy." This document emphasizes methods to improve private sector infosec capacity to protect supply chains, improve resilience of critical services, and encourage redress mechanisms for organizations that suffer cyber attacks.

Another output was the "Toolkit on Cyber Education and Cyber Awareness of Children and Youth" – the result of research on how to minimize risks young people face online.

The Toolkit recommends five approaches for consideration by policymakers developing cyber education and cyber awareness initiatives for children and youth, namely:

  • Classifying risks and responses based on sub age groups;
  • Investing in response, referrals, and support systems;
  • Adopting and investing in a multi-stakeholder approach throughout the decision-making process;
  • Promoting global cooperation to further child online safety;
  • Recognizing the critical role of businesses and online platforms.

Again, nothing on the list is binding. But at least the international community is sharing resources in this field.

India has signalled it plans to use its presidency of the G20 to drive development of global standards to ensure that artificial intelligence does not harm humanity.

This weekend's meeting appears to have considered AI in other spheres. But with the G20 Heads of State and Government Summit scheduled for September, there's plenty of time and opportunity for the bloc to make AI-related pronouncements. ®

Bootnote: the G20 actually has 19 members, namely Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Republic of Korea, Mexico, Russia, Saudi Arabia, South Africa, Türkiye, United Kingdom, United States, and the European Union. The members collectively represent around 85 percent of global GDP and two-thirds of global population.

More about


Send us news

Other stories you might like