Skip to content

Category Archives: IT Security

The Italian Data Protection Authority to Challenge the European Court of Justice?

According the online newspaper Repubblica.it, the Italian Data Protection Authority (DPA) stated verbatim that the 72  months retention periodo imposed by the upcoming legislation is much too long. By doing this, the DPA implied that the only problem with data-retention is its duration, and didn’t mention the main issue raised by the EUCJ decision: carpet […]

Data Retention Strikes Back in Italy

The Italian Parliament is going to pass a provision (“hidden” into an elevator’s safety decree) to re-introduces the extension of the original (and still possibly illegal) data-retention term up to 72 months.

No More Mandatory Data Retention in Italy? – Update

As a consequence of the Parliament/Govern inactivity, the huge quantity of traffic data that survived the June, 30 midnight – and that some ISP might still have in its own hand, maybe hoping for a last-minute, never passed, prorogation – is currently being deleted. Right now, traffic-Database deleting schedules should have been re-set to the […]

No More Data Retention in Italy?

Yesterday the Internet Traffic Mandatory Data Retention regulation expired without being re-enacted by the Parliament. This means that at the midnight of June, 30, all the Italian Telcos and ISPs just (or should have) deleted last year Internet usage information from their databases. Maybe the Parliament and the Data Protection Authority just had a strike […]

AntiPublic, British Airways and the Italian Data Protection Supervisor

Italy just discovered AntiPublic, the next data-leak with about half a million of personal accounts made publicly available by the lack of care of “trusted” websites in handling its “security measures”. British Airways got a shut down of its IT infrastructure due, according to the Italian newspaper Repubblica.it, a lack of management of the business […]

When Security Becomes Service Disruption: the Banca Popolare di Bari Case

The message reads: For security reasons, this ATM doesn’t provide cash between Friday, 16,30 and Monday, 09,00. We are sorry for the inconvenience. This way of looking at IT Security reminds me of those Security “Managers” who were use to advise to unplug the Ethernet cable at the daily close of business, to put it […]

There Is No Such Thing as “Information” Security

There is no such thing as “information” security.

EUCJ and the Data Retention and Investigatory Powers Act

A friend of mine asked a quick commentary about a Telegraph news about the European Court of Justice decision that bashed the British Data Retention and Investigatory Powers Act, forcing the ISPs to abid to a one-year Internet traffic data retention period. Here is my answer: It is clear that the EUCJ is following its […]

Privacy Shield Dead-On-Arrival?

As expected, Privacy Shield has been challenged in front of the EUCJ. Before wasting time and money trying to comply with this DOA thing, it would be safe to wait for the judgement.

Phoney and the forensics value of Iphone chat

Phoneys is a software that allows a user to change the content of an Iphone chat thus altering the meaning of the conversation.While this is just an entertainment software, it might have some disturbing impacts on a possible criminal investigation. Indeed, SMS, chat transcripts and messages are routinely used as a source of evidence by […]