Do Cultural Differences Account for Global Gap in Online Regulation?

December 2, 2019

Differences in cultural values have led some countries to tackle cyber attacks with increased internet regulation, while others have taken a ‘hands-off’ approach to online security, says a research report.

"Internet users gravitate towards one of two ‘poles’ of social values. Risk-taking users are found in ‘competitive’ national cultures prompting heavy regulation, while web users in ‘co-operative’ nations exhibit less risky behavior requiring lighter regulation," says the study.

Researchers at the University of Birmingham used cultural value measurements from 74 countries to predict the Global Cybersecurity Index (GCI), which measures state commitments of countries to cybersecurity regulation. The report, ‘Using human values-based approach to understand cross-cultural commitment toward regulation and governance of cybersecurity’ by Dr. Alexander Kharlamov, from Birmingham Law School and Professor Ganna Pogrebna, from Birmingham Business School, is published by Regulation & Governance.

In the study, Dr. Kharlamov and Professor Pogrebna demonstrated that differences in cybersecurity regulation, measured by GCI, stem from cross-cultural differences in human values between countries, says an University of Birmingham press release. They also showed how cultural values mapped onto national commitments to regulate and govern cybersecurity.

In China, where people are more risk taking than American and British web users across five categories of risk behaviors, regulation is far stricter than in the USA, which in turn is tighter than the UK, says the University of Birmingham. Dr. Kharlamov and Professor Pogrebna showed that this corresponded to the countries’ relative positions on the cultural value scale, with China closer to ‘competitive’ than the USA, which in turn is closer to this ‘pole’ than the UK.

Dr. Kharlamov commented, “We spend most of our lives in the digital domain and cyber attacks not only lead to a significant financial damage, but also cause prolonged psychological harm - using social engineering techniques to trick people into doing something they otherwise would not want to do. Irresponsible use of digital technologies, such as the Cambridge Analytica case, cause harm to many citizens and tell us that Internet regulation is imminent. It is vital to understand the origins of human behavior online, as well as values and behavioral patterns.”

The five categories of risk behavior - cybersecurity, personal data, privacy, cybercrime and negligence – each consisted of six behavioral examples such as:

Not using anti-virus or antimalware protection (cybersecurity)
Providing private information, such as your email address, to obtain free WiFi in public places such as coffee shops, airports and train stations (personal data)
Linking multiple social media accounts such as Twitter, Facebook and Instagram (Privacy)
Using insecure connections or free WiFi (Cybercrime)
Letting web browsers remember passwords (Negligence)

Professor Ganna Pogrebna said, “Culture shapes the way we govern cyber spaces. Human values lie at the core of the human risk‐taking behavior in the digital space, which, in turn has a direct impact on the way in which digital domain is regulated. We talk about establishing overarching international online regulation, such as a new International Convention of Human Digital Rights. Yet, it seems the main reason why the international community fails to agree on such regulation has deep cultural underpinning.”

GCI is produced by the International Telecommunications Union and assesses each country’s engagement with cybersecurity regulatory processes in five areas: Legal, Technical, Organizational, Capacity Building and Co-operation. The research paper can be found at: https://onlinelibrary.wiley.com/doi/epdf/10.1111/rego.12281

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Join our subject matter experts as they explore how the right systems can help identify, analyze and report potential incidents and help building owners sustain compliance and create safer spaces.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Do Cultural Differences Account for Global Gap in Online Regulation?

Related Articles

Related Events

Report Abusive Comment