Digital rights, security and social impacts

(To Carlo Mauceli)

Science and technology are essential ingredients of everyday life.

The evolution of the human species can also be seen in terms of technological evolution and not only according to Darwin's law.

Like the steam engine that started the first industrial revolution, new technologies like artificial intelligence are changing society, the way we live and work. And like steam-powered railways, so also these new "inventions" need to be managed and, finally, regulated by the company.

To do this we need a strong society, a society that puts the citizen at the center, a society that deals with protecting human rights, going beyond proclamations and focusing on facts, on concreteness.

In fact, every new technology with a vast social impact will require new laws. Technology, on the other hand, is a tool that has a profound impact on people in both positive and negative ways. The more powerful the instrument, the greater the benefit or damage it can bring.

In order for people to believe and trust technology, we need to think beyond technology and face the need for stronger ethical principles, the evolution of laws, the importance of training people with new skills and even reforms of job market. If we want to get the most out of what such powerful technologies offer, all these things need to be put into a system.

When a revolution arrives, it has direct and indirect consequences on the economy and there are two ways to face it: fight it or manage it.

What you are witnessing, too often, when the opportunities inherent in change are not known, it is the will to fight all that is new by hiding behind false myths and ideologies. Among these, the most frequent conversations of these last months are:

  • the sovereignty of data in a European context (where instead the data should circulate freely);
  • an ever-increasing nationalism;
  • the guarantee of the location of the data itself even if, then, we are witnessing an escalation of cyber attacks that hit those who keep them in their own home, without being able to manage them correctly.

In the wrong hands each instrument can become a weapon.

In Geneva, in the far 1949, the convention on the protection of civilian persons in time of war was signed. Now, it seems that it is not understood that we are in the midst of a new conflict, the cybernetic one; a conflict that has overturned the parties involved and in which, through hackers, there are states that attack civilians even in times of peace.

This is why the call for digital peace signed in Paris is important, which has as its objective trust and stability in the cybernetic space and which insists precisely on the protection of rights in the digital sphere.

Experience shows that hackers attack democracies when they are weaker, interfering, for example, in a nation's political elections or manipulating their votes. Faced with this threat, collective action is needed that comes from both companies and governments.

It is necessary to train experts from cybersecurity of which there is a lack, it is necessary to have competent people in the key roles, it is necessary to invest in security and do not minimize the incident whenever an attack occurs. Unfortunately, Italy is currently one of the European countries with the highest gap between the skills required by the labor market and those actually available; it is one of the countries where it seems that the "cybersecurity" issue is not seriously addressed by anyone.

The 12 Maggio 2019, the Ombudsman for privacy, Antonello Soro, in his speech presenting the Report to Parliament, stated: "In the 2018, cyber attacks in the health sector have increased by 99%. The inadequate security of the data and the systems that host them can, in other words, be a cause of medical malpractice. The violation of the essential data protection rules can have deleterious effects on medical processes, all the more serious where those processes affect individual aspects: birth, death, parenting. Specularly, data protection is a determining factor of health efficiency, functional also to the correctness of the analytical process based on big data. From the accuracy of the data used in the algorithmic process depends, in fact, the "intelligence" of their choices, which can no longer tolerate errors in the diagnostic field ".

All true. We know it well and, on these pages, many times we raised the cry of alarm and pain, very often being even referred to as "heretics".

Therefore, faced with what happened in recent days, namely the claim by the hacker collective LulzSecIta, of the attack on the website of the Privacy Guarantor, we remain perplexed.

Certainly it was a demonstrative action but with a very important objective: the Privacy Guarantor.

A few hours earlier, the same guarantor had intervened on the case of the hacking of emails of thousands of Roman lawyers by Anonymous pointing the finger at security measures calling them "inadequate".

It is also true that, returning to the attack of LulzSecIta, since the first investigations, it was not technically the site, but an external application, or the old treatment register, the one where those who started a data processing, until the new regulation came into force, in May 2018 , was required to notify it. Data, therefore, already in the public domain. But this is not the case. In my opinion, the important thing is that once again you don't protect yourself in the right way, you don't prevent yourself, you don't think in line with the blatantly changed scenarios.

I have great respect for Antonello Soro and I think that this episode may be the spark because in the future the guarantor authority does all that is necessary to impose that companies, public and private, raise their security levels.

Photo: US Air Force / Quirinale