Reports

First adopted in 1980, the OECD Privacy Guidelines are the first internationally agreed-upon set of privacy principles. They are framed in concise, technology-neutral language and have significantly influenced legislation and policy in OECD member countries and beyond. In 2018, the OECD initiated a comprehensive review of the Privacy Guidelines, which included a survey of Adherents, an ad hoc group of experts, and several workshops to explore the main challenges for privacy and personal data protection in an ever-evolving digital environment. This report presents the review's findings, confirming the continued importance and relevance of the Privacy Guidelines. However, it also highlights persistent and emerging implementation challenges and provides recommendations for addressing them.

The digital economy is growing, with producers increasingly using digital technology to revolutionise their production processes, and with new business models being created based on the digital transformation. To improve the visibility of digitalisation in macroeconomic statistics, the Digital Supply and Use Tables (SUTs) framework has been developed under the auspices of the OECD’s Informal Advisory Group (IAG) on Measuring GDP in a Digitalised Economy. In the Digital SUTs framework, three dimensions are introduced for measuring the digital economy: the nature of the transaction (the 'how'), the goods and services produced (the 'what'), and the new digital industries (the 'who'). The OECD Handbook on Compiling Digital SUTs explains these three dimensions and includes examples. It also presents the high priority indicators that have been agreed by the IAG and includes recommended templates for producing the outputs.

The OECD Privacy Guidelines are the first internationally agreed-upon set of privacy principles and are recognized as the global minimum standard for privacy and data protection. They are a solid foundation for building effective protection and trust for individuals, and also for developing common international approaches to transborder data flows. Since their adoption, they have influenced legislation and policy in OECD countries and beyond. This document reproduces the two existing explanatory memoranda that accompany the OECD Privacy Guidelines. The first, published in 1980, was developed alongside the original version of the OECD Privacy Guidelines to help in their interpretation and application. The supplementary Explanatory Memorandum was developed to provide context and rationale for the revisions to the OECD Privacy Guidelines made in 2013.

In 2019, the OECD Council adopted the Recommendation on Artificial Intelligence (the 'OECD AI Principles'). These include five values-based principles and five recommendations for OECD countries and adhering partner economies to promote responsible and trustworthy AI policies. This report takes stock of initiatives launched by countries worldwide to implement the OECD AI Principles which were reported to the OECD.AI Policy Observatory as of May 2023. It provides an overview of national AI strategies, including their oversight and monitoring bodies, expert advisory groups, as well as their monitoring and evaluation frameworks. It also discusses the various regulatory approaches that countries are adopting to ensure AI trustworthiness, such as ethics frameworks, AI-specific regulations, and regulatory sandboxes. Additionally, the report offers policy examples for each of the ten OECD AI Principles to facilitate cross-learning among policymakers.

This report analyses the demand for positions that require skills needed to develop or work with AI systems across 14 OECD countries between 2019 and 2022. It finds that, despite rapid growth in the demand for AI skills, AI-related online vacancies comprised less than 1% of all job postings and were predominantly found in sectors such as ICT and Professional Services. Skills related to Machine Learning were the most sought after. The US-focused part of the study reveals a consistent demand for socio-emotional, foundational, and technical skills across all AI employers. However, leading firms – those who posted the most AI jobs – exhibited a higher demand for AI professionals combining technical expertise with leadership, innovation, and problem-solving skills, underscoring the importance of these competencies in the AI field.

This report explores the current state of Internet of Things (IoT) adoption and usage in OECD countries among businesses, households, and individuals. It analyzes IoT trends based on semiconductors, patents, venture capital investments, and firms. Additionally, it includes two case studies that examine the implementation of IoT in manufacturing and healthcare.

As societies become increasingly digital, the importance of cyber security has grown significantly for individuals, companies, and nations. The rising number of cyber attacks surpasses the existing defense capabilities, partly due to a shortage of skilled cyber security professionals. This report delves into the analysis of the demand for cyber security experts in Latin America, using information from online job postings in Chile, Colombia, and Mexico. The analysis investigates recent trends in job demand for various cyber security roles, the geographical distribution of cyber security job postings, and the evolving skill requirements in this field. Additionally, the report focuses on the supply side by examining the landscape of cyber security education and training programmes in Colombia. It explores the different types of programmes offered in vocational and higher education, the characteristics of learners enrolled in these programmes, and their outcomes. Lastly, the report examines policies and initiatives implemented in Colombia to enhance the accessibility and relevance of cyber security education and training programmes. This report is part of a broader initiative that examines the evolution of policies and experiences in the cyber security profession around the world.

This report assesses the continued relevance of the OECD Recommendation on Cross-Border Co-operation in the Enforcement of Laws Protecting Privacy, originally adopted in 2007. It examines whether the Recommendation has kept pace with the evolving needs of Privacy Enforcement Authorities (PEAs) in light of significant technological and legal changes over the past 15 years. While the principles underlying the Recommendation are seen to remain solid, the report highlights several gaps and challenges for cross-border enforcement co-operation. It concludes that the OECD could either provide additional guidance to support the implementation of the Recommendation or consider revising it to better address current challenges.

Generative artificial intelligence (AI) creates new content in response to prompts, offering transformative potential across multiple sectors such as education, entertainment, healthcare and scientific research. However, these technologies also pose critical societal and policy challenges that policy makers must confront: potential shifts in labour markets, copyright uncertainties, and risk associated with the perpetuation of societal biases and the potential for misuse in the creation of disinformation and manipulated content. Consequences could extend to the spreading of mis- and disinformation, perpetuation of discrimination, distortion of public discourse and markets, and the incitement of violence. Governments recognise the transformative impact of generative AI and are actively working to address these challenges. This paper aims to inform these policy considerations and support decision makers in addressing them.

The digital security of communication networks is crucial to the functioning of our societies. Four trends are shaping networks, raising digital security implications: i) the increasing criticality of communication networks, ii) increased virtualisation of networks and use of cloud services, iii) a shift towards more openness in networks and iv) the role of artificial intelligence in networks. These trends bring benefits and challenges to digital security. While digital security ultimately depends on the decisions made by private actors (e.g. network operators and their suppliers), the report underlines the role governments can play to enhance the digital security of communication networks. It outlines key policy objectives and actions governments can take to incentivise the adoption of best practices and support stakeholders to reach an optimal level of digital security, ranging from light-touch to more interventionist approaches.