The Datagate Legal Implication under German Law

An interesting article from Axel Spies, a Washington-based ICT lawyer, assesses the impact of the US spying over the German Chanchelor, Angela Merkel.

Here is an excerpt from the “Conclusion” section:

Most Blog participants were more pessimistic about the legal remedies having any leverage against spying. To quote a key statement in the Blog: “What Germany can “legally” do against wiretapping is likely to be on a similar level as asking what Pakistan can do ” legally” against U.S. drone attacks on its territory. Politically, maybe some counteraction in the areas of punitive tariffs on imports from the U.S. or the termination of international treaties is conceivable. But this is less a question of being allowed, rather than being able to follow through with sanctions and thus hardly the subject of a legal discussion.” Müller further added this observation: “If there were an effective counter-espionage [in Germany], also against supposed “friends” [in the U.S.], then it would hardly be possible to spy on the head of a befriended government’s private and political communication.”

The freedom of being a stone-age man or I don’t want to live “smart”

One of the most revealing books I’ve read (that I translated into Italian for local publisher) is Alan Cooper‘s The Inmates are Running the Asylum. Is a book about programming and the fact that core decisions come from a bunch of geeks working down below the basement of the company’s building, while marketing and PR guys occupy the fancy upper floors (have you seen the British sit-com “The IT Crowd“?) Continue reading “The freedom of being a stone-age man or I don’t want to live “smart””

Aggregate data and Italian Data Protection Authority

An Italian Data Protection Authority decision issued on June, 25, 2009 set the deadline of Sept. 30, 2009 for telco operators and ISPs that must notify the Data Protection Authority the list of their mining activities executed on customers’ aggregate data (such as traffic volumes, paths and so on.) The aim of this decision is to spot illegal (at least, under Data Protection Authority opinion) data handling “masked” by activities performed to keep the infrastructure running

The Data Protection Authority, after having received the information, will decide what can be still done without informing the customer, what can be done AFTER having informed the customer and obtained his approval and what cannot be done at all. Furthermore, the Data Protection Authority will release a set of technical and management rules to ensure the concerned subjects’ compliance.

If these new set of rules will mimic those recently established for data-retention purposes and system administrators, telcos and ISPs will face again a mayhem of useless bureaucracy so hard to understand that the Data Protection Authority itself did release a FAQ to explain what these regulation actually meant (and we’re still waiting for the FAQ interpretation.)

Although the decision is limited to the Internet and telephony world, it is clear that in the near future it will affects too energy firms, banks, insurance companies and, in general, everybody who relies upon aggregate data to tweak its supply chain of services.

Once again, the Italian Data Protection Authority is proved to be one of the biggest blocking factor of Italian telco market, while not granting citizens some sort of protection.

Italy To Enforce A Global Censorship Legislation?

a contribution to European Digital Rights Intiative‘s bulletin, EDRI-Gram

The Italian Senate approved – and the Camera dei deputati (Italian “Low Chamber”) is ready to finally pass – draft law 733 named Pacchetto sicurezza – “Security Package”, a series of (supposely) coordinated provisions aimed at improving, whatever that means, police bodies and public prosecutors powers.
Of course, the law wouldn’t have been complete without “taking care” of the Internet, and legislators didn’t lose the chance. Under sect. 50 bis of this forthcoming law, if a public prosecutor has “serious circumstantial evidence” of a criminal online activity (to be specific: inciting crime) he can ask the Minister of Home Affairs to issue a “shut down” order. This order, aimed at ISPs, simply shut down the “concerned” network resource with no trial. ISPs refusal to comply with Minister’s order should be fined with a penalty up to 250 000 Euros.
The provision is clearly flawed from a constitutional standpoint. The basis of every western democracy, indeed, is the separation of power, thus is not legally possible to have such a cross-jurisdiction mess between the public prosecutor (the judiciary power) and a Ministership (the executive power). Furthermore, there would have been a double trial for the same fact, one of which (the Home Affair Ministership one), done without the legal guarantee of a criminal trial (fair process, etc.).
But this is only the tip of the iceberg. Crime-inciting wrongdoing is very difficult to handle, since the border between free-speech and law violation is often blurred (would a website supporting freedom fighter of a country be – per se – inciting to commit crimes?). Furthermore, if ISP’s must prevent access to a network resource located outside their network (abroad, for instance) this would mean that the result will be achieved through deep-packet inspection, or similar, privacy threathning techniques. Thus – with the excuse of “protecting” Italian citizens – the D’Alia amendment (named after the MP that proposed it) is likely to be the first step toward a global censorship system. A Cassinelli amendment (again, from the MP name of its author) that followed the D’Alia one, tried to circumvent the above mentioned problems, but with no real changes in the substance of the matter and the political, net-phobic approach.
Italy had a “sound” tradition in trying to enforce citizen’s global surveillance systems through ISPs and telco operators, adopting every sort of justifications (from copyright, to child pornography, to online gambling and now to crime-inciting actions). Oddly enough, nevertheless, these “good intentions” fell always on innocent citizens’ shoulders, while true criminals stay absolutely free. Or, to put it straight: to (maybe) catch a few criminals, the whole nation network usage will be subjected to “third parties” – namely, ISPs – systematic scrutiny.

So long, human rights.