Networks and national security. What software houses can do according to Prof. Monti

What do the anti-American, allegedly-Chinese espionage actions have in common with the death in Germany of a woman who would not receive prompt treatment because a ransomware attack paralysed the German hospital where her ambulance was heading? The analysis of Andrea Monti, adjunct professor of law and order and public security law, University of Chieti-Pescara – published initially in Italian by Formiche.net
Continue reading “Networks and national security. What software houses can do according to Prof. Monti”

Zhenhua and the risk for the data-economy ecosystem

Collecting information and profiling people are widely practised all over the world. In Italy, though, a provision of the Testo Unico delle Leggi di Pubblica Sicurezza  (TULPS) dating back to the Mussolini’s rule prohibits activities of this kind. Open-source intelligence and data-brokerage are at risk? Prof. Monti’s analysis – published in Italian by Formiche.net

The “Zhenhua case”, involving a Chinese company accused of creating the Oversea Key Information DataBase (Okid) to catalogue data from public sources relating to people of millions, was presented as yet another hostile action by China towards the rest of the world. In reality, however, Okid is no different from its Western equivalents which, at least in Italy, could be prohibited by the Public Security legislation. Continue reading “Zhenhua and the risk for the data-economy ecosystem”

GDPR and the Next Italian Unified Telecommunication Network

The presence of non-EU subjects among the owners of the single network poses national security problems that have already emerged in the case-law of the European Court of Justice by Andrea Monti

Among the many aspects related to the creation of the unified Italian telecommunication network, the relationship between personal data protection, the presence of non-EU owners in the corporate structure and national security deserves special consideration. Indeed, given the criticality of the telecommunications sector, the absence of full control by Italy opens up the risk of foreign interference in the protection of the fundamental interests of the State, as highlighted in the Huawei case.

The nature and extent of the problem become apparent by recomposing the different tiles of the current political and legal mosaic. Continue reading “GDPR and the Next Italian Unified Telecommunication Network”

Pro Huawei (and all national security technology providers)

Passed to manage national security problems caused by the use of Chinese technology,  a Prime Minister Decree dictates new and problematic rules for contracts negotiation in the Italian telco market by Andrea Monti – published initially in Italian by Infosec.News

This article analyses the issues related to the practical application of the Conte-Huawei Decree issued last August 7, 2020, which sets out the conditions under which TIM S.p.a. can use Huawei’s 5G technology, reducing to an acceptable level the national security risk also feared by the Italian Parliamentary Committee on Secret Services (COPASIR), after the alarms launched by the USA. The article highlights the critical issues arising from a legally incorrect approach and concludes that the solution adopted by the Italian Government is worse than the problem it tried to fix.

Before going ahead, however, it would be preferable to read another article that analyses the strategic problems affecting the Decree. Continue reading “Pro Huawei (and all national security technology providers)”

Data transfer in the USA, restrictions from the German Data Protection Authority

Unbreakable cryptographic systems requested, but technical requirements are missing
by Andrea Monti – initially published in Italian by IlSole24Ore-Norme e Tributi

On 24 August 2020, the data protection authority of Baden-Württemberg (one of the sixteen federal states of Germany) issued guidelines for the international transfer of personal data, which impose strict rules on interaction with third countries and in particular with the USA. The guidelines, which are only valid within the German state, became necessary following the “Schrems II” ruling issued on 16 July 2020 by which the European Court of Justice annulled the European Commission’s “privacy shield” which allowed the exchange of data with the USA. Continue reading “Data transfer in the USA, restrictions from the German Data Protection Authority”