Critical Issues of the Conte-Huawei decree

TIM may use 5G equipment produced by Huawei, provided that it follows the rules dictated by the Presidency of the Council. Is national security safe? by Andrea Monti – originally published in Italian by Infosec.News

Background

On 7 August 2020, the Prime Minister’s Office issued a decree setting out the conditions under which Huawei can provide Italy, through former network monopolist TIM S.p.a., with its 5G infrastructure.

Apart from constitutional issues (yet another ‘creative’ use of the Prime Minister’s Decree, after the management of the COVID-19 lockdown) and political aspects (the decree would neither be a ‘surrender’ to China nor, therefore, a ‘betrayal’ of the Atlantic allies), the Conte-Huawei Decree raises several legal and technical doubts about its real effectiveness. Continue reading “Critical Issues of the Conte-Huawei decree”

August 21, 2020August 23, 2020

The TIM-Huawei Decree and the Chinese’knot untangling

The Italian Presidency of the Council sets the conditions to include Huawei’s technology in the Italian 5G network and might ease the overcoming tensions between the USA and China by Andrea Monti

The Prime Ministerial Decree of August 7, 2020, allows TIM (the former Italian telco monopolist) to use Huawei’s 5G technology, having identified adequate measures to prevent the risks of using Chinese equipment for Italy’s new generation network. This news follows, and contradicts, the exclusion of Huawei from the tender to provide TIM with the same 5G devices because of the need for “diversification of partners” (a requirement lately imposed by the Conte-Huawei Decree). Originally published in Italian by Formiche.net Continue reading “The TIM-Huawei Decree and the Chinese’knot untangling”

July 2, 2020July 2, 2020

GDPR compliance needs more incidents than fines

By Andrea Monti – originally published in Italian by Infosec News

I write this article in one of those rare moments when I indulge in the belief that computer security is something that should be taken seriously. I do not want to disrespect the many professionals who try to work by seriously helping customers and employers to “keep the ship going”. Nor, however, can I pretend to ignore what the cybersecurity market was and has become. Without many hackers, there would not even be the slightest improvement in security caused by these stunts.

Crime’s apology? Incitement to commit a crime? No, merely stating an objective fact: in the field of computer security, it is not the fines that induce legal compliance.

Pages: 1 2

May 26, 2020May 26, 2020

Project Gutenberg and the Crusader of Copyright

In the name of the new crusade against the “pirates of copyright” the public prosecutor of Rome seizes gutenberg.org, the site of the cultural project that digitizes and puts online copyright-free books. But neither the court nor the Guardia di Finanza has noticed. Is it a justifiable mistake? by Andrea Monti – originally published in Italian by Infosec.News
Continue reading “Project Gutenberg and the Crusader of Copyright”

May 2, 2020May 2, 2020

Platforms’ liability for news theft

by Andrea Monti (originally published in Italian by IlSole24Ore – May 1, 2020)

The criminal investigations against the unlawful distribution of newspapers, periodicals and books are interesting in several respects. Firstly, it is a step towards making those who commit a crime by hiding behind the screen of a smartphone, i.e. the user of a service, responsible for their course of action. Secondly, it focuses on “platforms”, i.e. those operators who “rely” on the access network to make profits and who therefore can immediately provide data to prosecutors and perform selective blocking. Thirdly, and as a consequence, it puts again on the table the issue of the actual (non) neutrality of platforms. EU Directive 31/00 is evident in this respect: operators who do not interfere in users’ behaviour must not perform pre-emptive monitoring. But those who, like platforms, are not “neutral” to those who use them should not be able to take advantage of this possibility, as has been happening for some time in Italy and Europe.

Hopefully, the European Union eventually decide to give platforms an autonomous legal status and liability. However, these criminal investigations create a legal precedent on another very technical but essential issue: the possibility of configuring a responsibility (whether under the criminal intent or other liability doctrines) for crime by design. The idea is simple: as in any human action, when somebody decides to do something, has to make sure that it does not cause damage and upholds the law. If somebody designs a platform (or a business model that exploits it) without mechanisms that prevent its illicit use, and the absence of these mechanisms is what makes my product/service successful, then he cannot deflect his liability.

In this specific case, therefore, it is necessary to understand the way Telegram works and assess, for example, if it is a provider of a press distribution service and then if the entire revenue generation model is based on service neutrality.

Finally, this case is the test-bed for that case law (Cass. penale, sez.II sent. 11959/20) that, after only twenty-five years from the first theoretical elaborations, finally recognizes the nature of “thing” to data and files. This jurisprudence opens the possibility to charge a defendant not only of copyright infringements but also of serious crimes such as money laundering or receiving stolen goods. In this case, it would be possible to claim more substantial charges for the perpetrators of the offences, and more dissuasive for those who have “nasty thoughts”.