• United States



Re-thinking development aid in the digital age

Feb 05, 20154 mins

New developments in technology in the developing world require re-thinking what development aid means. Information security can be the means for protecting a developing country's critical infrastructure, nascent digital economy and preserving on-line digital rights.

Traditional aid to developing countries has focused on fighting poverty, building infrastructure, protecting the environment, and strengthening democratic institutions including human rights.   This formula has served development organisations well in the past, but going forward it may not be adequate to support the rapidly changing technological needs of developing countries.

Developing countries have nascent digital economies with critical infrastructure that relies on sophisticated technologies. In addition, citizens’ access to information, privacy, and freedom of expression—human rights according to the Universal Declaration of Human Rights—are fundamentally at risk without adequate information security protections.

The view of the populations in developing countries being technologically illiterate is now obsolete. This is especially true in areas of Africa where mobile technologies have leap-frogged an entire generation of telecommunications that rely upon on physical infrastructure. A recent survey conducted by the Pew Research Centre in 24 emerging and developing economies showed that in regions where mobile money is prevalent, people now regularly use their mobile phones for e-commerce.   For example, in Kenya, 82% of the population owns mobile phones and of that number, 68% regularly use them to make or receive electronic payments.

These emerging digital economies can be at systemic risk from cyber-criminals. Rampant fraud or hacking attacks, for example, could stymie or crash a developing nation’s nascent digital economy. Widespread fraud could deter legitimate participants from using e-commerce and thus prevent nations’ macro-economies from benefitting from the increased speed and reduced costs of digital commerce. Without sufficient protection against cybercrime, economies in emerging nations may never make the jump to fully developed nation status.

Developing nations also face risks to their critical infrastructure from more advanced nation-state actors who, in times of crisis, might use their superior cyber-attack capabilities as a means of intimidation. For example, it was recently revealed by security researchers at Cylance that for the past two years, Iranian hackers have infiltrated the networks of many nations’ airports, defense industries, universities, hospitals, telecommunications firms, government agencies, and energy companies. The Iranian group purportedly used an internally developed software to hack other nations’ critical infrastructure and obtain sensitive information. It does not take much imagination to understand how this clandestine information access might be used to intimidate or coerce nations in times of crisis.

Finally, protecting personal data, freedom of expression, and access to public resources for citizens in developing nations is fundamental to preserve human rights in the digital age. A US-based NGO, Freedom House, recently published a Freedom of the Net study showing that internet users in 41 out of 65 countries assessed in the report have either passed or have proposed legislation to penalize legitimate forms of online speech, increase government powers to control content, or expand government surveillance capabilities. In addition, governments, cyber criminals and state-backed intelligence entities have been known to hack citizens’ personal computers for fraudulent purposes or to gain information of intelligence value. Protecting human rights in the digital realm translates to introducing full-fledged cyber security capabilities and information security awareness.

Developing countries may lack expertise or awareness of cyber risks to their critical infrastructure, their emerging digital economies, and security threats that affect basic human rights. One way this may be overcome is by enhancing programmatic assistance to developing countries through cyber security expertise.

The United Nations Development Programme, for example, is now providing information security assistance to developing countries by facilitating the development of local networks of experts to provide technical expertise; by preparing briefing notes that raise awareness about information security issues to policy- and decision-makers at high-level meetings; and by and sharing case studies, success stories, and lessons learned.

As just one example, the highly successful Access 2 Information project, a joint programme of UNDP and USAID with the Prime Minister’s Office in Bangladesh, is adding, with UNDP’s help, an information security programme to its arsenal of technological assistance for a digital Bangladesh. This kind of innovative new programmatic assistance might serve as a blueprint for effective global development aid in our digital age.

–The views expressed herein are those of the author and do not necessarily reflect the views of the United Nations Development Programme.


Paul Raines is the Chief Information Security Officer for the United Nations Development Programme. In that capacity he is responsible for the information security and disaster recovery planning for the Organisation’s 177 locations around the world. Previously, he worked for the Organisation for the Prohibition of Chemical Weapons (OPCW) and, like all current and former members of the organization, shared in the 2013 Nobel Peace Prize. Prior to working for the United Nations he was the Chief Information Security Officer for Bloomberg LP and the Federal Reserve Bank of New York. He is a graduate of the United States Air Force Academy and Harvard’s Kennedy School of Government. For relaxation he enjoys opera, Shakespeare, French wine and sometimes just sitting in a cafe with an espresso and croissant reading a good book on Roman history.

The opinions expressed in this blog are those of Paul Raines and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author