SOF on Trial. The Technical and Legal Value of Battlefield Digital Forensics in Court

The book Information Security Systems has been published in late 2017 by Springer as part of the  Lecture Notes in Computer Science book series.

Together with Prof. Luigi Mancini and dr. Agostino Panico of the Information Technology Department of the Sapienza University (Rome) I wrote the chapter titled “SOF on Trial. The Technical and Legal Value of Battlefield Digital Forensics in Court“.

Here is the abstract: Continue reading “SOF on Trial. The Technical and Legal Value of Battlefield Digital Forensics in Court”

On Killing (A disturbing attitude on ICT Security)

A lot of ICT security musings don’t take into account that before being “ICT”, security is first “security”. This means that in designing a strategy, the “security architect” should know the basic meaning of the word: preventing threats and, in case the worst happens, terminate the threat as fast and ruthlessly as possible. Continue reading “On Killing (A disturbing attitude on ICT Security)”

No More Mandatory Data Retention in Italy? – Update

As a consequence of the Parliament/Govern inactivity, the huge quantity of traffic data that survived the June, 30 midnight – and that some ISP might still have in its own hand, maybe hoping for a last-minute, never passed, prorogation – is currently being deleted.

Right now, traffic-Database deleting schedules should have been re-set to the old standard: one year retention period as set forth by sec. 132 of the Italian Data Protection Act.

And the Data Protection Authority still hasn’t hissed a word.

 

No More Data Retention in Italy?

Yesterday the Internet Traffic Mandatory Data Retention regulation expired without being re-enacted by the Parliament. This means that at the midnight of June, 30, all the Italian Telcos and ISPs just (or should have) deleted last year Internet usage information from their databases.

Maybe the Parliament and the Data Protection Authority just had a strike of consciousness and decided so, after having “forgotten” for years to stress test the national data retention legislation to check if it could still stands against the EU Court of justice 2014 decision that bashed the data-retention directive.

Or, maybe, the powers-that-be just forgot about the data-retention.

We’ll never know for sure, but fact is that current high profile criminal investigations are now deprived of an important information gathering tool.