Cyber Silent Spring: Leveraging ESG+T Frameworks and Trustmarks to Better Inform Investors and Consumers about the Sustainability, Cybersecurity, and Privacy of Internet-Connected Devices
50 Pages Posted: 11 Jan 2022
Date Written: January 7, 2022
The rapid expansion of Internet of Things (IoT) devices and services is continuing and even being catalyzed by the COVID-19 pandemic with the number of Internet-connected devices already far exceeding the number of people on the planet, leading to widespread implications for natural and digital ecosystems. There is a growing cadre of Environmental, Social, Governance, and Technology (ESG+T) frameworks and initiatives to measure these impacts, which are being rolled out to better inform both investors and consumers about the impacts of firms’ operations made all the more timely given both supply chain bottlenecks and pressing climate change goals. One such tool that is receiving increased attention are trustmarks, particularly labels. Efforts are already underway in Europe to incorporate privacy and cybersecurity information into existing CE label. To date, though, there has been no attempt in the legal literature that we could identify to account for global developments in such trustmarks that are seeking to communicate meaningful information about the cybersecurity and privacy characteristics of Internet-connected devices and services to consumers. There are likewise divergent efforts underway to promote information transparency for investors. As regulators and civil society groups in Asia, and increasingly in the United States, are actively questioning the utility of how such trustmarks could function, and how to promote transparency more broadly in this space for investors and consumers alike, the time is ripe to conduct a survey of attempts to date, and where they have fallen short. As new trustmarks are fashioned, what lessons should be taken from the sustainable development movement and environmental reporting standards, along with best practices from cognitive science, marketing, and human decision-making?
Keywords: cybersecurity, ESG, sustainability, SEC, NIST
Suggested Citation: Suggested Citation