Risks to Structural Vulnerabilities

SV1. Digital distrust

Digital distrust may arise from known or perceived risks to safety and inclusion. Digital distrust is debilitating to the success of DPI and to the development and adoption of new innovations which enrich DPI. Like discrimination, distrust in DPI is often tied to pre-existing social factors that must be acknowledged and understood in order to be effectively addressed. Regardless of the reason, digital distrust presents serious risks to the legitimacy, effectiveness, adoption and sustainability of DPI systems and may extend to distrust in all digital services and government institutions in general.

SV2. Weak rule of law

Weak rule of law limits the ability of normative frameworks that prescribe legal, regulatory and ethical requirements to effectively mitigate risks. As DPI can amplify the political, social and economic power of those who control these systems, there is a risk that this concentrated power undermines the conventional institutions responsible for upholding the rule of law and escapes the essential checks and balances, potentially leading to abuses. Concentration of power in the form of monopolies may inhibit innovation, limit services and their features and leave inefficient quality of service unchecked. Inadequate accountability within the community of innovators and service providers that constitute a DPI can lead to malicious use, harms, and circumvention of the law with relative anonymity.

SV3. Weak institutions

Weak institutions diminish the effectiveness and legitimacy of safeguards by failing to implement necessary policies and practices. The failure to contextualize institutional needs also jeopardizes DPI value and effectiveness. Insufficient institutional capacity, mechanisms and resources to fulfil necessary roles represent a pervasive risk to DPI, as does the absence of appropriate institutions to oversee the entire DPI life cycle. The lack of will or wherewithal to coordinate (or cooperate) between key agencies and stakeholders in the ecosystem to employ a whole-of-society approach to DPI diminishes its value and impact.

SV4. Technical shortcomings

Technical shortcomings can be detrimental to DPI safeguards. Risks arise when systems are not designed to prevent safety, inclusivity and other harms; are poorly implemented, or inadequately tested. Vulnerabilities include security risks to the DPI itself and to people; inappropriate design for specific persons (gender, age, disability, etc.,); inappropriate technology choices leading to non-standard, non-interoperable or excessively costly solutions; restricted, conditional or encumbered ownership of full solutions; inadequate skills and competencies in DPI, and issues related to its sustainability. Among other harms, technical shortcomings erode trust in DPI, particularly where users have limited digital literacy and are still building confidence.

SV5. Unsustainability of a DPI poses significant risks to those who have invested in and rely on its services, and limits adoption by its potential users and those of other DPI systems. Such risks arise from inadequate value to users, inadequate design, maintenance, improvement, updates and resourcing. Financial threats include high operational and maintenance costs, hardware and software obsolescence and compromised components. Vendor lock-in limits flexibility and adaptability to new technologies, leading to long-term costs and other challenges. Additionally, without strategies to reduce carbon footprints and manage the environmental impact of discarded electrical and electronic equipment (“e-waste”), the environmental impact of DPI could jeopardize its role in advancing environmental sustainability goals—and in turn its own sustainability. The consequences of DPI unsustainability are significant due to its broad societal impact.