Here is a twisted tale about trust: The judge blinked when an elderly couple was brought before him for shoplifting. The 77-year-old man and his 70-year-old wife were quarrelling openly despite being ordered to be quiet in the court. “What’s the offence?” the judge asked sternly. The prosecutor said the wife had stolen a can of mangoes from the grocery store while the husband kept a lookout. They were trying to get away before being caught.

“How many mango pieces were in the can?” the judge asked the woman. “I think there were seven, your honour,” the woman bowed her head. The judge wagged a finger. “In that case, I will give you seven days in jail.” The husband raised his hand and asked the judge for permission to speak. The judge nodded. “To be honest, your honour,” the husband said. “She also stole another can, which had 30 peas.”

If that story made you wink, these statistics should make you think: Globally, one in four companies suffered a data breach that cost them US$1 million to US$20 million in the past three years. Despite that, fewer than 40% of executives have taken measures to mitigate cybersecurity risk exposure in critical areas, including enabling remote and hybrid work, accelerated cloud adoption, increased use of Internet of Things (IoT), and back-office operations.

These stats come from PwC’s annual Global Digital Trust Insights, which polled 3,500 senior executives across 65 countries. “Despite all the progress that organisations have made in improving their cybersecurity programmes, there is a lot more to be done,” says Sean Joyce, PwC’s global cybersecurity and privacy leader. “There are three things that need to be done with digital transformation to help build public trust: a strategic risk management programme; continuity and contingency planning; and clear, consistent external reporting.”

An increase in digital trust prevalence of five percentage points can boost a country’s average GDP per capita by about US$3,000 (RM14,235), according to a multi-country survey commissioned by Callsign Inc and conducted by the UK-based CEBR (Centre for Economics and Business Research). Conducted in February 2022, the survey polled respondents in Southeast Asia, India, Benelux, the Middle East, Africa, the UK, the US and the Nordic states.

Given that almost everyone is now online, the call for companies and governments to take digital trust seriously is most pertinent. For example, Malaysia’s GDP per capita in 2021 was US$11,371, according to the World Bank. The boost in digital trust could enable Malaysia’s GDP per capita to cross US$11,939 (RM56,000).

But, then, what exactly is digital trust? It is the confidence that participants have in the digital ecosystem to interact securely, in a transparent, accountable and frictionless manner, according to SGTech, an industry association that represents the tech industry in Singapore.

“Digital trust encompasses more than cybersecurity, privacy, data protection, or AI (artificial intelligence) ethics,” SGTech noted in a white paper released in October. “At its core, creating digital trust demands a concerted set of approaches that uphold stakeholder confidence and ensure that digital interactions truly work.”

Digital trust will be a game-changer for Asean. “The increasing merging of the physical, digital and biological worlds has created enormous opportunities and challenges for the way we live and work,” says SGTech chairman Wong Wai Meng. “Technologies such as AI, big data, blockchain and IoT have accelerated the pace of innovation in business. Internal resources alone do not address the dynamic needs of markets. Therefore, companies need to innovate and collaborate with external stakeholders as well.”

The rise in cybercrime, privacy violations and fake news has made users wary of digital platforms. “The push to digitalise and innovate has opened challenges for companies, which must consider new privacy, security and information-control issues as they collect and store more data,” Wong says. “Building digital and data systems based on trust is key to surmounting these challenges.”

Digital trust is so crucial because the volume of data created globally will balloon to 180 zettabytes by 2025 — from 64.2 zettabytes in 2020, according to research house Statista (a zettabyte is 1,000 exabytes, or a billion terabytes, or a trillion gigabytes). In 2020, the amount of data created reached a new high. The growth was higher than previously expected, caused by the increased demand because of the pandemic, as more people worked, learnt and played from home.

The concern? “Only a small percentage of this newly created data is kept. Just 2% of the data produced and consumed in 2020 was saved and retained into 2021,” Statista notes. “In line with the vigorous growth of data volume, the installed base of storage capacity may increase at a 19.2% annual rate from 2020 to 2025. In 2020, the installed base of all storage reached 6.7 zettabytes.”

The global market for digital trust products and services is currently worth about US$385 billion and will cross US$765 billion by 2027, according to a study by the Eden Strategy Institute.

“Digital trust is the confidence that citizens have when they interact online, that their interactions are secure, private, transparent and accountable,” says Calvin Chu, managing partner at the Eden Strategy Institute. “A business can inspire digital trust by being secure, competent, consistent and transparent, and by having a verifiable commitment to user interests. The government’s role is to set processes, policies and frameworks around security and accountability to enable businesses and consumers to interact confidently in the digital world.”

Enterprises need a proactive approach to address regulatory compliance with digital solutions that can help them comply with new regulations to protect their stakeholders. “Many organisations are leveraging customer data to provide services. But, then, processes must be in place to safeguard sensitive data throughout the value chain,” says Paul Burton, IBM’s general manager for Asia-Pacific. “Digital trust will play a crucial role in ensuring companies demonstrate accountability and governance.”

IBM was one of the first companies to appoint a CPO (chief privacy officer) and publish a privacy policy. It also took an early lead to develop and adopt the EU Data Protection Code of Conduct for Cloud Service Providers, and to be certified under the EU-US Privacy Shield. The company says it was also the first in the world to be certified under the APEC CBPR (Cross-Border Privacy Rules), which also applies across Asean.

Why bother about Asean? With a GDP growth rate that is ranked third, after India and China, Asean is set to grow by an annual 4% over the next decade, making this region the world’s fourth-largest economy, as per estimates from the World Economic Forum (WEF). By 2030, Asean’s GDP will stretch to US$4.5 trillion, and the population will reach 723 million.

“A young, tech-savvy population entering the workforce and migrating to big and small cities will spur consumption in Indonesia, Vietnam and the Philippines,” the WEF notes. “By 2030, the median age in the Philippines will be 29 while Indonesia’s will be 32. Young consumers are tech-savvy, likely to discover products on social media, comfortable spending online and concerned about health and sustainability.”

What about the digital opportunity? By 2030, about 575 million people, or roughly 80% of Asean’s population, will be online. Consumers across Asean spend up to 1.2 times more time online today than the global average. That leverage would make Asean a magnet and spur innovation in tech.

No wonder the market for emerging digital trust tech, such as PETs (privacy enhancing technologies) and DLTs (distributed ledger technologies), is attracting venture capital interest. It is also pushing companies to validate use cases for different types of data in various industries. Their potential to comply with regulatory requirements and build trust in their systems makes them exciting hotspots for growth. Meanwhile, cyber insurance is gaining greater adoption from large companies and small and medium enterprises (SMEs).

Since we started with a legal story, let us end with another. When I was in college, the students were invited to attend career counselling sessions, where professionals such as doctors, chartered accountants and lawyers gave us insights into their work.

One evening, a lawyer of repute regaled us with witty stories of life in the courtroom. “Sir, I have a question,” I raised my hand. “What’s the difference between a smart lawyer and an average lawyer?” The legal eagle thought for a couple of seconds. “An average lawyer might let a case drag on for several years,” he said with mock seriousness. “A smart lawyer knows how to make it last even longer.”

Raju Chellam is vice-president of new technologies at Fusionex International, Asia’s leading big data analytics company