Pro Huawei (and all national security technology providers)

Passed to manage national security problems caused by the use of Chinese technology,  a Prime Minister Decree dictates new and problematic rules for contracts negotiation in the Italian telco market by Andrea Monti – published initially in Italian by Infosec.News

This article analyses the issues related to the practical application of the Conte-Huawei Decree issued last August 7, 2020, which sets out the conditions under which TIM S.p.a. can use Huawei’s 5G technology, reducing to an acceptable level the national security risk also feared by the Italian Parliamentary Committee on Secret Services (COPASIR), after the alarms launched by the USA. The article highlights the critical issues arising from a legally incorrect approach and concludes that the solution adopted by the Italian Government is worse than the problem it tried to fix.

Before going ahead, however, it would be preferable to read another article that analyses the strategic problems affecting the Decree. Continue reading “Pro Huawei (and all national security technology providers)”

Prevention and Repression of Computer Crime against the EU: the problem is clear, the solution doesn’t

On May 17, 2019 the Council of the European Union has established

a framework which allows the EU to impose targeted restrictive measures to deter and respond to cyber-attacks which constitute an external threat to the EU or its member states, including cyber-attacks against third States or international organisations where restricted measures are considered necessary to achieve the objectives of the Common Foreign and Security Policy (CFSP).

In other words, this framework allows the EU to enforce a series of sanctions – including the prohibition of entry into the EU – to  those who attack the computer resources located in the Union from other countries. At first glance, everything would look normal and – all in all – acceptable. But since the devil is in the details, a more in-depth look at the matter reveals a few problems.

Firstly, the violation of the principles of due process: a computer attack is a crime and for sanctions to be applied to the culprits,  a proper trial is necessary. In the outline envisaged by the Council of European Union, this is not foreseen.  A blatant violation of the fundamental rights of the individual (also) recognized by the Nice Charter.

Secondly, even if the first condition is met, it must be remembered that in criminal matters the jurisdiction belongs strictly and solely to the national legislator. What cases and which penal codes or similar rules will be applied in order to decide whether we are dealing with an event which falls within the scope of the ‘framework’ laid down by the Council?

Thirdly, are we talking about public policy, state security or the defense of the interests of the Union? The question is not trivial because in the first case the “domain” is that of a hypothetical “EU Ministry of the Interior”, in the second of the hypothetical “European secret services” and in the third case of the “Ministry of Defense”. Ambiguously, however, the Council speaks of “discouraging” (i.e. “preventing”) and “opposing” (i.e. “reacting”) in order to achieve the objectives of the foreign policy “And” those of the common security. This means that “prevention” and “reaction” to the cyber attacks are instruments of “enforcement” of the foreign policy of the EU also independently of security issues.

Let’s get ready to face very interesting issues…

Public security, powers of the public security authority and information technology

Master of Science in Cybersecurity – Prof. Luigi V. Mancini

CYBERSURE
CYBERsecurity at Sapienza University of Rome Events

Public security, powers of the public security authority and information technology

Andrea Monti – Lawyer

 ?Affiliation: Adjunct Professor of Public Policy and Public Security Law at the University of Chieti-Pescara.

 ?May 13, 2019, from 16:15 to 18:30

 ?Aula II, ground floor of the building “ex-Facoltà di Scienze Statistiche” in “Città Universitaria”, Piazzale Aldo Moro, 5 (Rome).

 ?

Part 1. Technological public order and information security

Part 2. Public security and information technology

 ?

The pervasiveness of information technologies has repercussions not solely in terms of judicial activity, but also affects the management of public order – and therefore the exercise of powers attributed to the Ministry of the Interior in different areas and before the Judiciary intervention.

A modern notion of public order must necessarily take into account the issue of information security as its own constitutive element.

This seminar describes, starting from the analysis of the Consolidated Law on public security, the structure of the public security authority, and defines roles and powers and analyses the way in which this structure deals with the subjects of the information society. ? ? ? ? ? ? ? ? ? ? ? ? ? ?

In particular, it highlights the possible interactions between the State Police, Internet providers and platform operators Over the top.

Participation is free, however registration is required on Eventbrite by searching “Public security, powers of the public security authority and information technology”.

Upcoming Seminars at https://cybersecurity.uniroma1.it/cybersecurity-seminars

For any questions or further info, please visit https://cybersecurity.uniroma1.it or write to cybersecurity_info@uniroma1.it

LinkedIn:  ? ? ? ? ? ? ? ? ?Master of Science Cybersecurity Sapienza

Instagram: ? ? ? ? ? ?  ? ? @cybersecurity_sapienza

The CIA to provide evidence of HwaWei involvement with Chinese Military and Intelligence

Even if true, where is the beef? That HwaWei got funded by Chinese military and intelligence is not an issue. Do we already forgot the “Fritz Chip”, the use of (Western-sponsored) State malware in intelligence and criminal investigation and so on?

From a national security and public policy perspective, it is ? logic that a sovereign state explores all the possibilities to obtain superiority over its foes and “friend” too. Thus – if confirmed – the proof offered by CIA of HwaWei involvement with the national security apparatus shouldn’t surprise. Continue reading “The CIA to provide evidence of HwaWei involvement with Chinese Military and Intelligence”

An Australian Bill makes mandatory for IT companies to crack users’ encrypted messages

The Australian Parliament recently passed the ? Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 that might have a disruptive effect on the whole IT business, by forcing companies into designing unsecure hardware and software and weakening users’ confidence. Continue reading “An Australian Bill makes mandatory for IT companies to crack users’ encrypted messages”