Skip to content

EUCJ and the Data Retention and Investigatory Powers Act

A friend of mine asked a quick commentary about a Telegraph news about the European Court of Justice decision that bashed the British Data Retention and Investigatory Powers Act, forcing the ISPs to abid to a one-year Internet traffic data retention period.
Here is my answer:

It is clear that the EUCJ is following its political agenda.
As I said countless times, law enforcement and national security aren’t subjected to the might of the data-protection directive so this legal instrument can’t be enforced to rule investigative powers.
It is false that users are note informed about the retention. There is a law that set forth the duty, so the citizen are supposed to know about it (ignorantia legis non excusat.)
Again, the article and – I suppose – the EUCJ confuses fairly different things: GCHQ is intelligence and – as such – is well out of reach from the DP directive. Other public bodies have the right to perform their investigation to guarantee the respect of the law.
So, the actual problem is quis custodies ipsos custodies. In other words: I have no problem with an agency that accesses my data. But I do have the right to know in real time when it happens and why (or, if there is a secrecy issue, as soon as it is reasonable.)

The President of the Italian Low Chamber, Blodrini, holds Google and Facebook “ethically liable” for what the users do online

According to Laura Boldrini (left wing), President of the Italian Low Chamber, Google and Facebook are ethically liable for what the users do online. Talking about the (venerable) online hoaxes phenomenon, she verbatim stated:

 They are not telcos, they have an ethical and social liability. While obviously it isn’t only their fault if hoaxes are spreading. 1

This is not the first time that Boldrini tries to extend the liability of the users to ISP, Telcos and Over the top operators and this last statement lead to think that there should be an actual agenda on this topic.

But the concept of “moral/ethic liability”  is both religious and individual, and in a democratic country where the rule of Law is supreme, is not supposed to be taken into account. On the contrary,  following a precise script, this is what we face every time that the Internet is involved: public outcry first, ethical issue next and, finally, an “ethical” regulation.

In the specific case, Boldrini’s position is wrong from whatever the side you look at it.

It is ethically dangerous because weakens the legal principle of the individual’s personal liability, thus reinforcing users’ idea that online there is no accountability.

It is legally unfeasible, because the e-commerce directive made crystal clear that ISPs cannot be forced to monitor and verify each single act of a user, and the data protection directive says, again, crystal clear, that the data protection regulation doesn’t apply to individual’s data processing (in other word: the law doesn’t work for a Facebook’s post made by a user.)

It is market’s sinking. Italy has already proven to be unable to join the digital economy race, and this regulatory approach from Boldrini is another dead weight to the Italian Telco industry.

  1. Non sono compagnie telefoniche, hanno una responsabilità morale e sociale. Anche se ovviamente non è soltanto colpa loro se si diffondono le bufale.

How Digital Technology exposed the Audiophile Fraud

Audiophile hardware… pardon, equipment, is expensive. Full stop.

It is a “given” that to enjoy “true” music you must allocate a budget that equals the purchase of a supercar otherwise, as Califano (an Italian singer) used to sing, tutto il resto è noia (everything else is spleen.) But is it actually so?

Currently I’m listening some Antonio Vivaldi’s concerts played by Yo Yo Ma, in CD – quality (44/16) FLAC format through a couple of bookshelf B&W loudspeakers connected to my old (sorry again, “vintage”) amplifier that receive the analogue signal from a thunderbolt DAC made by  Zoom Japan. Not factoring the computer, the whole setup costs well below a thousand Euros and the quality is very good.

Of course an audiophile would strongly disagree with this statement. He would surely start talking about the superiority of the brand X’s amplifier or the absolute need of a thousand Euros-per-meter loudspeaker cable to have the music flows more “liquid” and so on. And he will rebuff with a pity look in his eyes whoever says something different: ignorant can’t actually understand the “truth”, so let them listen at their Iphone’s earbuds.

To some extent this audiophile is right: expensive rigs can produce awesome results. But a simple logic shows that this statement is wrong and doesn’t match the reality of the digital music industry.

First, it is false that an 100.000 Euros music set up sounds 100 times better than a 1.000,00 Euros one. The more you get close to physical limitation of whatever equipment, the price of each improving step raises more and more and the quality result is more and more less than proportional.

Second, the majority of the music labels still sells their music in CD quality, i.e. the 1980, Red Book standard (16 bit, 44Khz) and even those CD advertised as “24bit recorded” are actually downsampled to the usual standard. With vinyl there was some sense in purchasing costly turntables to minimize the impact of the moving parts on the quality of the electrical signal to be sent the amplifier. Digital files free us from this need. Sure, there are different quality level in digital-to-analogue conversions (DAC) hardware. But a lot of what is sold right now is just “whistles-and-bells”. Spending money for a DAC able to handle 24bit/192Khz or DSD128 streams is useless because, right now, none of the big music labels are releasing high resolution versions of their catalogue, limiting to a very little niche of contents. So where is the point in spending huge monies to buy something that is of no use?

Third (or, maybe, Second, continued), high resolution files make sense only if the music to be played contains a very high dynamic range (from the lows of drums and percussion to the highs of violins and triangle), high personality musical instruments and great players. “Dirty” music like blues (think of John Lee Hooker) or rock (Jimi Hendrix jumps in) is not enhanced by  “better” mastering, as there is no improvement in overmastering a Lady Gaga tune. Furthermore, a lot of the music available on the market is a “bookshelf product”, i.e. something that has been designed to be sold in a very short timeframe, just to be replaced by the next new “version”. Can you actually tell the (musical) difference in the “artistic” production of what is currently sold as “music”? It is not a coincidence that, more and more, “artists” are known more for their eccentricity or fashion look than for their “cultural” production. This is not a rant about how better was the good ol’time music, but a precise cost-benefit analysis: no need to invest in better recorded music, if what has to be sold doesn’t worth it and – more important – if the customer base is not willingly to pay the premium price.

Conclusion: a logic approach to the sound quality that involves a look at the marketing digital strategy of the music industry and the account of the Far East sound-handling devices’ quality shows that it doesn’t make sense to waste money into “audiophile level” equipment.

What we do need is just better music.


Safety, the IT Crowd way

Copyright Piracy Incitation

I was looking for an HI-Res album to buy and I found it on HIRESAUDIO.COM. When I tried to buy the tunes, here is what I got:piracyincitation










The short story is: if I want to pay for a legitimate copy I have to wait don’t know how much time.

Why on Earth, apart being a law-abiding lawyer (no pun intended), should I restrain myself from looking for some torrent? (BTW, should I do it, who might blame me, since I already paid for “SIAE TAX” on my terabytes of storage?)

Copyright stakeholders are still living in the last century, don’t they?


Brexit, Donald Trump and the Dark Side of the Internet

The Brexit’s outcome, Donald Trump to become POTUS (President of the United States) and, before that rise of “populist” political wings, are all a consequence  (I hate to say it) of the Internet. Of course, the Internet is not the only factor, but facts show that it contributed largely to a shift of the people’s role in the political arena.

Before the Internet, haters, poorly educated and fanatics lived their life in
(a relative) isolation. They were just individual drops  or – at the very worst – a number of little, unconnected rivulets. Thank to the Internet, they all of a sudden discovered that they weren’t alone in their way to look at life and found a way to turn the rivulets into an enormous tide.

So, what present reality teaches us, is that the Internet empowered the most gullible and “weak” part of the society with an actual capability to create social, political and economic damages.

I do not intend to offend (and I’m not talking about) those who voted to leave the EU or supported the current POTUS and so on,  that did it on a rational, informed basis. That’s the core of the democracy: a dissenting opinion is not – per se – wrong. What scares me, as the late events have demonstrated, is that our destiny can be shaped by a large, irrational, anonymous digital crowd.

It would be easy, at this point, to start thinking that Russia and China aren’t that wrong
when they prevent the people from accessing the Internet. And that a serious tool should be handled with the proper care and training by untroubled people.

But, apart the unacceptable racist basis of the statement – this  would means that only a few should have had access to this resource and then that nobody would have thrown the necessary money to develop the network. So, to close the circle, we now enjoy the Internet as it is, because less culturally-structured people made it possible.

Having a tool that makes people dumber, a modern version of Nero’s panem et circenses, is great for the powers-that-be. Do spend your time in streaming, social-networking, and texting and let us do our job: we know what’s good for you.

And the paradox lies in that: to have power you need to make people weak in thinking. But such kind of people do irrational things, hence Brexit, Trump and so on, so the power you’re eagerly looking for, is lost.

Funny, isn’t it?

Privacy Shield Dead-On-Arrival?

As expected, Privacy Shield has been challenged in front of the EUCJ.

Before wasting time and money trying to comply with this DOA thing, it would be safe to wait for the judgement.

The Italian Supreme Court: name and surname only aren’t subjected to the Data Protection Act

The Corte di cassazione (Italian Supreme Court) decision n. 20615/16 narrows the definition of “personal data” under the Italian data-protection act that enforces the data-protection directive.

The merit of the decision is a legal action against a municipality accused of having published on its website the name and surname of an individual who sued the municipality.

While, the Court said, when mandatory by law the releasing of personal data is always allowed (and this was the case, since there is a law the bind a municipality to disclose its decisions, including those related to legal actions), the simple publication of a name and surname is not enough to make and individual actually identifiable.

Verbatim, the Court says:

the identification of the individuals… would have been possible only by way of further investigations, including third-parties database, with a disproportionate effort in terms of energy and money that is not justified by the interest to identify people involved in a trivial car accident.

This decision set forth a very important point because points out the fact that the “identifiability” notion of the directive is a relative one.

In other words, and enforcing the legal principle to the telco world, an IP number in itself is not necessary a personal data, unless “the identification of the individuals… would have been possible only by way of further investigations, including third-parties database, with a disproportionate effort in terms of energy and money that is not justified by the interest to identify people”.

Needless to sat, the Italian Data Protection Authority has always challenged this interpretation, trying to affirm an “absolute” notion of personal data, thus creating bureaucratic burdens end financial costs for the compliance.

Phoney and the forensics value of Iphone chat

Phoneys is a software that allows a user to change the content of an Iphone chat thus altering the meaning of the conversation.While this is just an entertainment software, it might have some disturbing impacts on a possible criminal investigation.

Indeed, SMS, chat transcripts and messages are routinely used as a source of evidence by lawyers and prosecutors on the basis that if something is on a phone it can be hardly be faked. Of course, this is not always true, of course evidences must be corroborated by independent checks, of course the legal community is not that dumb to give face value to a text on a phone screen. But…

Phoneys allows a malicious person to create a prima facie deceiving fact, by exploiting the fact that a message has actually been sent, thus leading the investigator into thinking that a conversation took place with the intended correspondent. In an emergency context, the necessity of taking immediate action might push him to under evaluate what has been shown as “evidence”, thus jeopardizing the final result.

Maybe this is a either a minor or non-existent issue. But judicial reality has proven to be more surprising then legal-thriller. So, next time you’re confronted with a message as an evidence, why not double check?

Just in case…

Smartwhatever, Cloud, Artificial Intelligence. When Marketing Tricks Lead To Dangerous Effects

If we give marketing buzzwords its proper meaning, a lot of hype disappear and things can be looked at in a less fancy while easier and pragmatic way.

So, for instance, SmartWhatever is just an electric/electronic tool with expanded (although limited) programming capability. “The Cloud” is just either an FTP or a grid/parallel computing service with dynamic resources allocation and, last but no least, Artificial Intelligence is just the attempt of enhancing the computer’s capability of performing its task in autonomy (and is not related to the creation of an actual “intelligence” since neurologist and other scientists still ignore how the brain works.)

Sure, neither calling a cloud service “enhanced FTP” nor labeling an “intelligent phone”  just “voice driven mobile” power the sales of the gimmick of the moment. Nevertheless, since words do have meaning, the recklessness of the marketing coupled with the ignorance of lawmakers and courts lead to dangerous consequences.

The legal “rhetoric” about these buzzwords is unbelievable: the legal community tries to look for “new” problems to solve (and I suspect, for new clients), and somebody, around, keeps talking about artificial intelligence “rights”.

To put it short: once again, by fault of ignorance and unscrupulousity we are exposed to  non-existent legal issues that, despite being just nothing, shall cause actual trouble.