Aggregate data and Italian Data Protection Authority

An Italian Data Protection Authority decision issued on June 25, 2009 set a deadline of Sept. 30, 2009 by which telco operators and ISPs must notify the Data Protection Authority of the list of mining activities they perform on customers’ aggregate data (such as traffic volumes, paths and so on). The aim of this decision is to spot illegal (at least, in the Data Protection Authority’s opinion) data handling “masked” by activities performed to keep the infrastructure running.

The Data Protection Authority, after having received the information, will decide what can still be done without informing the customer, what can be done AFTER having informed the customer and obtained his approval, and what cannot be done at all. Furthermore, the Data Protection Authority will release a set of technical and management rules to ensure the concerned subjects’ compliance.

If this new set of rules mimics those recently established for data-retention purposes and system administrators, telcos and ISPs will again face a mayhem of useless bureaucracy so hard to understand that the Data Protection Authority itself released a FAQ to explain what these regulations actually meant (and we’re still waiting for the FAQ interpretation).

Although the decision is limited to the Internet and telephony world, it is clear that in the near future it will also affect energy firms, banks, insurance companies and, in general, everybody who relies upon aggregate data to tweak their supply chain of services.

Once again, the Italian Data Protection Authority has proved to be one of the biggest blocking factors of the Italian telco market, while not granting citizens any sort of protection.

CNAIPIC… a borderless center

On May 19, 2009 Italian news services announced the creation of a new governmental entity named CNAIPIC (Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche – National Center Anti-Computer Crimes for the Critical Infrastructure’s Protection. Sorry, still no website up to the present.)

While CNAIPIC members will surely use their brains’ computing power to figure out how to fight these hideous hackers out there, I wonder if they’re aware that “old school techniques” such as war dialing still work against big infrastructure even after thirty years or so.

Instead of thinking about how to build taller “Chinese walls”, they’d better step back and check critical infrastructure for default passwords or (supposedly) non-connected modems and RAS.

Italy to ban on-line anonymity?

A contribution for ALCEI.ORG
There is a disturbing, rising trend in Italy of former showpersons, now MPs of Berlusconi’s party, proposing free speech and anonymity regulation “to protect minors” (but facts show that they’re mostly concerned with copyright).
Between January and March 2009 Luca Barbareschi (actor) and Gabriella Carlucci (anchor woman) proposed two draft laws whose declared intent was to enforce copyright protection by shutting down civil liberties.
To be clear:
– Mr. Barbareschi’s proposal is aimed at creating a “single point of cultural control” by granting the Italian State-backed royalty collecting agency the role of exclusive gateway between artists and market. Furthermore, Mr. Barbareschi’s draft law contains such loose statements about ISPs’ liability that the Government is allowed to do basically whatever it wants.
– More dangerous, if possible, is Mrs. Carlucci’s draft law, which wants to ban anonymity from the Net, refusing even to consider intermediate forms such as “protected anonymity” (where the ISP acts as a trusted third party).
Mrs. Carlucci wants to establish a committee under the Communication Authority with the power of interpreting Internet-related law (in Italy, only magistrates and the Parliament are supposed to), receiving “confidential notice” of infringement, acting as Alternative Dispute Resolution provider, and counseling magistrates about the enforcement of preemptive activities ruled under the rules of evidence code, like searches and seizure, temporary jail restriction etc.
If approved, these (draft) laws will cause the concentration of power in the government’s hands, by weakening the possibility (or the right) to defend ourselves in Court.
Another step toward the ethical state?

Italy To Enforce A Global Censorship Legislation?

A contribution to the European Digital Rights Initiative’s bulletin, EDRI-Gram

The Italian Senate approved – and the Camera dei deputati (Italian “Lower Chamber”) is ready to finally pass – draft law 733 named Pacchetto sicurezza – “Security Package”, a series of (supposedly) coordinated provisions aimed at improving, whatever that means, police bodies’ and public prosecutors’ powers.
Of course, the law wouldn’t have been complete without “taking care” of the Internet, and legislators didn’t lose the chance. Under sect. 50 bis of this forthcoming law, if a public prosecutor has “serious circumstantial evidence” of a criminal online activity (to be specific: inciting crime) he can ask the Minister of Home Affairs to issue a “shut down” order. This order, aimed at ISPs, simply shuts down the “concerned” network resource with no trial. ISPs’ refusal to comply with the Minister’s order would be punished with a penalty of up to 250 000 Euros.
The provision is clearly flawed from a constitutional standpoint. The basis of every western democracy, indeed, is the separation of powers; thus it is not legally possible to have such a cross-jurisdiction mess between the public prosecutor (the judiciary power) and a Ministry (the executive power). Furthermore, there would be a double trial for the same fact, one of which (the Home Affairs Ministry one) would be done without the legal guarantees of a criminal trial (fair process, etc.).
But this is only the tip of the iceberg. Crime-inciting wrongdoing is very difficult to handle, since the border between free speech and law violation is often blurred (would a website supporting the freedom fighters of a country be – per se – inciting to commit crimes?). Furthermore, if ISPs must prevent access to a network resource located outside their network (abroad, for instance), this would mean that the result will be achieved through deep-packet inspection or similar privacy-threatening techniques. Thus – with the excuse of “protecting” Italian citizens – the D’Alia amendment (named after the MP that proposed it) is likely to be the first step toward a global censorship system. A Cassinelli amendment (again, named after the MP who authored it) that followed the D’Alia one tried to circumvent the above-mentioned problems, but with no real changes in the substance of the matter and the political, net-phobic approach.
Italy has had a “sound” tradition of trying to enforce global surveillance systems on citizens through ISPs and telco operators, adopting every sort of justification (from copyright, to child pornography, to online gambling and now to crime-inciting actions). Oddly enough, nevertheless, these “good intentions” have always fallen on innocent citizens’ shoulders, while true criminals stay absolutely free. Or, to put it straight: to (maybe) catch a few criminals, the whole nation’s network usage will be subjected to systematic scrutiny by “third parties” – namely, ISPs.

So long, human rights.