The use of the services of electronic communication to commit illicit and politically destabilizing acts is a serious and concrete problem. However, the solutions proposed at national Community level – especially for the way in which they are presented – raise doubts and concerns about their collateral effects on the exercise of the rights guaranteed by the Constitution.
Hacker
Italy has a national cyber security strategy
by Arturo Di Corinto
One can discuss, individually, the correctness of the single measure or the need to balance opposing interests and therefore find a practically acceptable compromise. However, taken together, these political choices convey the distinct perception of being inspired by the well-known principle of “the end that justifies the means” – or that of “don’t go too thin”.
Therefore, it does not matter that the legal responsibility lies with whoever commits an offense and not with third parties unrelated to the fact. It is irrelevant that all users should be considered “suspected by default” a regardless of their actual involvement in illegal actions both a choice that recalls other times and other regimes. It is of marginal importance that only a judge can decide on the rights guaranteed by the constitution and not a platform or, worse, an organized group of professional “signalers”. The fact is that “in the name of the protection of rights”, the European Union it has promoted initiatives that endanger the very rights it intends to protect.
Do we still need hackers in cybersecurity?
by Andrea Monti
I casualty of war I am the evergreen “Protection of minors”flanked by the equally ubiquitous “Fight against piracy” and, more recently, by the discovery of the need to āfight the fake news“That threaten the survival of democracy.
The responses to this “state of emergency” consisted in proposing a ban on the client-side encryption (encrypting content directly on your terminal, before sending), in the financing of a European DNS resolver, in proposing the immediate blocking of unauthorized streaming of the filming of sporting events, in the creation of a reporting system based on the so-called āTrusted flaggerā – structures analogous to whistleblowers of Roman law.
Ethics, law and information technologies
by Andrea Monti
The common denominator of these proposals is the “filtering” which translated into more concrete terms means preventive and indiscriminate control of all network users prima e regardless from the possible commission of an illegal act.
Pragmatically, one could say, the amount of offenses committed through electronic communications services is so high that – even if they wanted to – there would not be enough investigators and judges to manage the trials. Consequently, it would be inevitable to find alternative routes and involve access operators, asking them to intervene “preventively”. However, “prevention” is a very delicate concept, because actions of any kind can be justified in its name, including doctrines such as those of “preventive war”. From another point of view, the legal obligations of control and removal of the contents that will be imposed on the platforms translate, in fact, into transfer to a private entity of power from to decide what is legal to do and what is not. Overall, therefore, we are faced with the renunciation of the institutions to exercise judicial power.
In light of these considerations, we should ask ourselves if we are truly willing to abandon the right to be tried by a court on charges of having done something, in favor of the systematic and preventive control of our every behavior because we could – we could – do something wrong.
Also in Italy there are, and not from today, similar initiatives both on the judicial and on the regulatory side. They are not animated by repressive impulses, but by a set of poor knowledge of digital dynamics and the need to “do something”, as long as it is. In fact, therefore, judicial and regulatory measures lend themselves to probably unwanted effects from those who propose them, yet afflictive of constitutional freedoms.
After confirmation by the Supreme Court that the query to the DNS of Italian citizens to block those directed to foreign resources and therefore not immediately reachable by the authorities, since 2009, “blackout seizures” have become a widely followed shortcut, instead of following the high road of recourse to international judicial cooperation. Waiting for the various proposals (AC-1357 – Butti, AC-2679 – Zanella, DDL AC-2188 – Capitanio) to transform this questionable judicial practice and unacceptably shift to the access operators obligations and heavy responsibilities that should instead concern those who commit the offense, not third parties, the Communications Authority has recently started the process to implement the legislation on “parental control”. Established by decree law 28/20 and then converted, the measure was hastily qualified as a “porno filter” but in reality much more extensive and worrying. The norm, in fact, yes applies indiscriminately to illegal content (such as those whose dissemination is punished by the Criminal Code), prohibited to minors (and therefore lawful for adults) or “inappropriate” (a category completely absent from the legal vocabulary of the sector).
As he pointed out the Italian Internet Provider Association by responding to the consultations initiated by the authorities and to the draft guidelines, operators cannot be obliged to decide in advance what users can have access to and what not. Both because this would translate into substituting parents in the exercise of parental authority, and because it would mean making a preventive āethicalā choice with respect to whether or not to use certain contents. Deciding whether a content should be removed can only be up to the judge (who already has the power to do so). Establishing what is āappropriateā to show to minors is a matter already entrusted, for cinema, to the āCommission for the classification of cinematographic worksā. If you really do not want to put the user in a position to choose their own blacklists independently or require content providers to mark what they publish according to a similar classification criterion, nothing would prohibit attributing similar prerogatives. to the Communications Authority. In this way it would be clear “who” is banning “what” and “why”.
To be clear: the (very) worrying aspect of the European and national political / legal scenario is not the choice in itself to adopt countermeasures to protect the rights of individuals and companies, but rather the way and the method. It has long been an established fact that the security of digital infrastructures is managed with the necessary and indispensable contribution of the private sector. However, continuing to treat access providers as a scapegoat is certainly not the best way to find shared, effective and sustainable solutions. But most of all it does not serve to avoid economic damage and protect the victims of heinous crimes.
—
Full disclosure: the author collaborated with the Italian Internet Provider Association in the parliamentary hearing on pirated IP TVs and in preparing the responses to the AGCOM consultation on parental control.