USA, China and the rule of law

Originally published in Italian by Formiche.net

The silent slaughter happening in Cold War II between China and the USA is that of the rule of law, the absolute primacy of the law, theorized by Cicero (legum servi sumus, ut liberi esse possimus) and applied in political practice since 1200 with the Magna Carta that required King John Lackland to respect the rules of “due process” – and therefore to stop throwing people in jail on a whim. The rule of law is the pillar of Western democracy. It guarantees a country’s democratic stability and “cuts” the world in two: freedom, on one side, might on the other one.

In a paradoxical inversion of sense, however, the U.S. turns into a news the mere charges against four Chinese researchers who, having not yet been convicted, are still protected by the presumption of innocence . China, for its part, complains about the violation of the human rights of its citizens committed by the U.S. However, in China, the fǎ zhì is read not as “rule of law” (法制) but as “rule by law” (法治). The two ideograms are pronounced almost in the same way but have a profoundly different meaning (see the seminal essay by Ignazio Castellucci “Rule of law and legal complexity in the People’s Republic of China” published by the University of Trento). The first ideogram translates “law as a system”. Therefore a concept similar to the Western “rule of law”. The second ideogram translates “law as an instrument” and therefore subject to the will of power. It is difficult, therefore, to speak of China as fostering the supremacy of fundamental rights, but it is precisely the violation of fundamental rights that China invokes about the charge of its researchers. Continue reading “USA, China and the rule of law”

Huawei, Tim and National Security

The exclusion of Huawei from the tender to build TIM’s new core network would be motivated by market choices and not by political issues. However, whatever the (real) reason, it is a worrying fact. The opinion of Andrea Monti, Professor of Law of Order and Public Security at the University of Chieti-Pescara – Originally published in Italian by Formiche.net

A laconic launch by Reuters informs that “Telecom Italia has not invited the Chinese group Huawei to participate in the tender launched in recent days for the construction of its core 5G network in Italy and Brazil, two sources report close to the situation”. A statement that sounds very as an excusatio non petita is reported by Repubblica.it, according to which company sources reveal that the choice “would have nothing to do with political aspects. However, “it only reflects an industrial choice that goes in the perspective of the diversification of the partners”.

If this were the real motivation, one would wonder why, for example, Microsoft (through Affirmed Networks), a company recently bought by the Redmond giant, was also invited. Through the Azure cloud infrastructure, the Microsoft Teams platform and the Office365 service Microsoft is already a pervasive presence inside Italian institutions and companies (just consider universities and justice, to realize the “weight” of this presence). Allowing a company that already controls so many critical sectors of our Country to extend its range of action also to the “core” infrastructures means contributing to the construction of a concrete vertical monopoly that can be worse than the (abstract) risk of potential espionage by Huawei, of which to date there is no specific evidence, at least publicly.

In strategic terms, the control of the executive over the technology industry has become part of the political arsenal of the States, and of the USA in particular.

In 2019, applying the executive order 13884 of President Donald Trump, Adobe had ordered the blocking (later lightened) of the functioning of its software in Venezuela. A measure, this one, concretely possible thanks to the now ubiquitous commercial model based on the “remote activation” of the software. Indeed, this model makes it possible to leverage the power conferred by the copyright regulations, to revoke at one’s discretion the right to use intellectual works – and therefore also the software.

The Schrems-Facebook case revealed severe concerns about access by US security apparatus to data of European citizens, and the Google-Huawei case is so well known that no further details are required.

In their diversity, these cases have one thing in common: they are instruments of pressure and deterrence of US foreign and security policy strategy. Which means, therefore, that nothing excludes the enforcement to Italy of measures of this kind, in case the interests of the two countries should, at a certain point, diverge. By the way, this is hardly a remote hypothesis, if only one considers the implications for Italy of being part of Belt and Road or not.

The problem with TIM’s choice, therefore, does not lie in the merit (if there were actual evidence of Huawei’s dangerousness, excluding it would undoubtedly be a “due act”), but in existence or not of a broader strategic policy relative to the protection of Italian national interests.

There are two cases: the Presidency of the Council “discreetly” inspired the exclusion of Huawei, or Telecom Italia took a fundamental decision for the security of the State in complete autonomy, without consulting with institutional summits.

In the first case, we would face a dangerous precedent that puts foreign investments in Italy at risk, since foreign companies would find themselves operating in Italy with industrial choices made based on Italian law that could be disregarded not upon a transparent regulatory process, but on the push of hidden political “suggestions”.

In the second case, the precedent would be even more severe: one of the largest Italian companies assumes a central role in determining the policies of digital sovereignty of the Country, deciding unilaterally who the interlocutors are and what are the acceptable risks for security and national interests.

Whatever the option, the result is that the long wave of American strategy in its Cold War II highlights the absence, in the Italian government, of a strategic vision on information technologies and its role in this not (yet) warred conflict.

Being part of an alliance as strong as NATO, which is not as politically robust, does not mean suffering the choices of the US, but helping to determine them by putting Italian interests on the table.

In other words: if Huawei’s Italian announcement is the result of a well-thought political strategy aimed at achieving an advantage for our Country, it is to be welcomed and, indeed, speeded up. If, on the other hand, it was a simple acquiescence to the request of a country of which we are allies, but which has as a side effect the increase in the de facto power of the USA over Italy through technological and industrial control, perhaps at least Parliament should have had its say.

The only thing we cannot afford is that choices like the ones we are witnessing happen without a clear strategy.

5G propaganda and the urgency Italy to chose whose side is she on

England confirms itself as the bridgehead of American foreign policy in Europe and follows the USA in the Huawei ban. France adopts partial restrictions, but Italy – as always – does not decide and gets lost in the “cybernetic security perimeter”.
by Andrea Monti – Professor in charge of Law and Order and Public Safety, University of Chieti-Pescara – Originally published in Italian by Formiche.net

In the now openly declared Cold War II between the USA and China, 5g is one of the battlefields where trench warfare with an early nineteenth-century flavour is fought. Armies lined up in front of each other, skirmishes, attacks and retreats of both sides, waiting – or hoping – that one of them will “give in”. And in the wait, each seeks a way to open new fronts to weaken the force displaced on the main one. Continue reading “5G propaganda and the urgency Italy to chose whose side is she on”

GDPR compliance needs more incidents than fines

By Andrea Monti – originally published in Italian by Infosec News

I write this article in one of those rare moments when I indulge in the belief that computer security is something that should be taken seriously. I do not want to disrespect the many professionals who try to work by seriously helping customers and employers to “keep the ship going”. Nor, however, can I pretend to ignore what the cybersecurity market was and has become. Without many hackers, there would not even be the slightest improvement in security caused by these stunts.

Crime’s apology? Incitement to commit a crime? No, merely stating an objective fact: in the field of computer security, it is not the fines that induce legal compliance.