Venerdì 11 aprile sarò alla Camaera dei Deputati a presentare la nostra visione, iniziative e proposte per la creazione in Italia di un distretto per la privacy e il Web aperto. Segue sintesi della presentazione:

Yesterday, just before the Mobile World Congress 2014 in Barcelona, Google has announced with wide media coverage (Gigaom, ArsTechnica, VentureBeat), its latest mobile device innovation, Google Tango, a new smartphone with 3D sensors in the backface that provide kinect-like functionalities on the move and in the living room, for fun, games and beyond.

All of Tango’s capabilities, features and user experience have, for 3 years already, been fully part of the CivicPod, the core end-user device of our User Verified Social Telematics (UVST) R&D project, except the CivicPod provides substantial additional features and advantages, at a lower cost and while being to a wide extent Tango-compatible, albeit with lower performance. As UVST, Tango is also an open innovation project, developed with over 16 world private and public research centers.

In UVST, 3D sensors, such as those of Tango, are embedded in the CivicPod, a 3mm-thin Bluetooth-connected touch-screen device with 2 dual front-facing cameras with refractive lenses, that can be attached to the user’s smartphone through a custom rigid case, or to the TV frame though a dedicated docking station.

So therefore in addition to Tango capabilities, the CivicPod user can:

• Just buy a ultra-thin user-friendly multi-function peripheral embedding such Tango- compatible Kinect-like sensors, instead of buying a new dedicated smartphone, which brings to the user: huge cost savings, the ability to easily such port the sensors to its your next smartphone, the ability to use its smartphone while the sensors are active for on-TV living-room applications, and just 1.5mm of additional thickness.
• Access most of Tango applications, since for Tango SDK developers, wanting to port their apps to CivicPod, it is just a matter of adding Bluetooth APIs to the application, and account for very minimal delay added by Bluetooth connection.
• Access by default a Tango-compatible CivicPod application that enable its use as an highly-innovative, ergonomic and immersive «magic» touch-based control of on-TV content, available through a dedicated cheap CivicDongle, ChromeCast and other compatible TV-connected devices. – Through 2d front-facing cameras with refractive lenses, the position of the user’s finger tips above the CivicPod screen are tracked and relayed wirelessly to such TV-connected device and made visible on the TV screen as halos of varying size. Finger position information appears as a semi-transparent video-overlay stream on the TV screen that decrease in opacity and size as the fingers gets closer to the CivicPod screen. Touch events are also relayed to the CivicDongle to trigger touch events on the CivicDongle UI, and therefore on the TV screen. Therefore, overall the user gets the experience of «touch controlling» their TV from the comfort of his sofa (or bed), but while looking at all times to the TV screen instead of the CivicPod screen, including while typing on a virtual keyboard without having its finger hiding the key about to be pressed.
• Access to ultra-private mobile&desktop communications and social features, with other CivicPods, through UVST leading-edge end-to-end privacy-enhancing architecture, and unprecedented verification organizational processes, which even include “user-verifiable” hardware manufacturing oversight procedures that exceed those of US Dept.of Defense “Trusted Foundry Program”.

For more information see the UVST project web page.

Special independent Committee appointed by Obama reports a few days ago on NSA activities:

Based on the information provided to the Board, including classified briefings and documentation, we have not identified a single instance involving a threat to the United States in which the program made a concrete difference in the outcome of a counterterrorism investigation. Moreover, we are aware of no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.

Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed “covert implants,” sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions.

http://m.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html

In this video excerpt of a Dec 14th Columbia University talk hosted by Eben Moglen, Bruce Schneier, arguably the world foremost security expert, seems to squarely share the User Verifiable Social Telematics architectural approaches and tenets, developed by the Open Media Cluster, for the development and provisioning of innovative IT solutions that can reasonably aim to achieve resistance to “bulk” eavesdropping attacks even from extremely well-financed and skilled entities.

Listen to from minute 33.21 till 36.00, as Bruce Schneier describes what are the core paradigms to keep in mind to develop the service or solution that should be developed to resist such bulk eavesdropping. Here’s a summary of such video excerpt:

• Must truly be an end-to-end solution, including end-point equipment manufacturing oversight.
• Highest level of privacy is really about transparency of all processes involved, which indirectly but solidly ensure  user verifiability though (iterative( processes organisational and inspired by democratic accountability procedures, such as those practiced in proper ballot voting procedures.

Find pasted below some text excerpts from the latest version of UVST R&D Project Summary (downloadable from its web page) from which it is possible to desume the similarities in  approaches and paradigms:

BASIC COMPONENTS: The main components of UVST are: a cheap and thin touch-screen device (CivicPod), custom-built through a thorough security assurance process (CivicFab), which is attachable via a custom external case to any smartphone and via dock to desktop peripherals or comes optionally embedded into the custom-modified internal case of commercial smartphones (CivicPhone); bare-bone dedicated or compatible HDMI/USB TV-connected devices with extensive HTML5 and video rendering capabilities (possibly embedding FirefoxOS or OperaOS) with onion routing functionalities (CivicDongle/Box); one or more dedicated custom-built street-facing lab where all devices and server-side equipment are verified and assembled, and where new users are authenticated on-site (CivicLab); a dedicated server-room, inside each CivicLab, where all remote services accessible by CivicPod/Phone are hosted, all CivicDevices are flashed, whose remote access is disabled and whose on-site access is physically conditional on presence, and express approval, of 5 randomly-selected UVST users (CivicRoom); any willing service provider that manages and commercialised the UVST end-to-end service (CivicProvider), whose quality of service is regularly certified by a to-be-established organization (CivicAuthority) which is made up of leading independent global digital civil rights expert organizations and UVST user-elected representative, also responsible for the updating of the certification specifications.

PARADIGMS: Core to ensuring such levels of assurance will be: (A) fully open processes and technology, (B) extremely low features set and lines of code for all software stacks of both server and client and, especially, (C) innovative iterative organisational processes, and related procedures and technologies, inspired by best-practice paper-based ballot-box democratic election procedures, military-grade oversight procedures, democratic jury-based committee processes, and best-of-breed certification authority organizational models; applied to all phases of all processes involved in the service provisioning.

ASSUMPTIONS: Our approach to highest-standards privacy communication solutions, in a post NSA-surveillance scandal world, is centered on (A) the recognition of the overwhelming solidity of proper encryption, (B) the inherent weaknesses to eavesdropping of transnational IP networks backbones due to their huge and multinational geographical extension, (C) the high-probability of radical security remotely-exploitable weaknesses, and the inability to verify, in core software and hardware components of both mass-market and “high security” mobile and desktop and (D) the understanding that highest privacy is really not a product nor a service, but a set of iterative organizational processes that end up producing a user end-to-end communication experience.
It is therefore critical to extend the privacy-by-design and security-through-transparency paradigms to their full extent, by building processes for the provision of end-to-end communication solutions that aim to be trust-free, i.e. devoid of need of trust in anyone or anything, except self-guaranteeing transparent and accountable organizational processes, whose quality can be assessed by reasonably educated citizens of democratic countries.

“Security is a process and not a product. Products provide some protection, but the only way to effectively do business in an insecure world is to put processes in place that recognize the inherent insecurity in the products.” Bruce Schneier, 2000;

“Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.” Edward Snowden, 2013

“Ultimately, if you want to stop a burglar breaking through your front door, you don’t need a lawyer, you need a lock”. Neelie Kroes, Vice-President of the EU Commission, Dec 2013, (speaking about foreign state mass-surveillance).

CORE HW SECURITY: Given the grave risks that hardware or software vulnerabilities may be introduced during the manufacturing process, beyond-state-of-the-art verification and oversight processes and technologies – called (CivicFab) – will be applied for the production processes of the most sensitive hardware component of server-side and client-side devices involved in the service. CivicFab will match and exceed the security currently deployed by certain very powerful state security agencies for the most sensitive hardware components they need for the devices they need for highest-security scenarios. Here’s what the reportedly to today:

• Choose a manufacturer, located a specific country, which are both somewhat more trustable than others, which will agree to:

  • Make so that the requested hardware is all produced in a continuous batch (50,000 let’s say) in a short time span (a few weeks).

  • Allow, once a year (let’s say), about 20 competent, trained and trusted technicians to monitor and verify thoroughly the process for a couple of weeks.

In addition, to such state-of-the-art, the CivicFab process under the oversight of the CivicAuthority would add:

• Allow those technicians to publicly and completely document the process with videos, photos and more.

• Choose a chip design of low or mid performance, but very solid security, so as to have a wider choice of manufacturers and countries to choose from.

• Add at least 5 people that are randomly-selected among the UVST users, and at least 5 user-chosen technicians, to accompany the 20 technicians. They would be very well paid to take that time off, and are well trained and “self-trained” through open participatory processes.

Tor Project functionality (or other onion routing functionality) will be provided to protect the privacy of both voice and non-voice communication metadata. It will be directly or indirectly provided through a large number of entry and exit nodes (many hundreds) provided by the CivicDongles, the CivicRoom and related onion routing mirrors. Sophisticated per-user and behavioural traffic analysis countermeasures will be put in place, including: random off-setting of server connections between parties to the same Voip call; random generated spoofing and decoy voice-like and data-like traffic; and several other measures. Such countermeasures will become effective only when the user base will be both active and large (at least a few thousands of daily users for voice calls), especially if not using the Tor network.

AIMS: UVST aims to intrinsically (i.e. inherently) ensure that the actual software, protocols, hardware and procedures running “at any given time” at end-points and onion routing nodes – from the (re)-design phase to core HW components manufacturing processes – match that which is stated by the provider, allowed by applicable local (non-secret) laws and constitutions, and available for review by independent experts; and whose security, privacy and authentication levels has been openly developed and very very extensively assessed (paid, award-based and volunteer) by independent security top-experts, but especially by world-brightest ethical hackers and crackers. In fact, without their very active (paid and/or not) contribution it would unlikely to be able to have reasonable expectations to counter budgets and accumulated skill-sets of very extremely well-financed adversaries. 

http://motherboard.vice.com/blog/inside-the-effort-to-crowdfund-nsa-proof-email-and-chat-services

“What surveillance really is, at its root, is a highly effective form of social control. The knowledge of always being watched changes our behaviour and stifles dissent. The inability to associate secretly means there is no longer any possibility for free association. The inability to whisper means there is no longer any speech that is truly free of coercion, real or implied. Most profoundly, pervasive surveillance threatens to eliminate the most vital element of both democracy and social movements: the mental space for people to form dissenting and unpopular views.”

Bruce Schneier said in May 2013 :

You’d think that your privacy settings would keep random strangers from learning everything about you, but it only keeps random strangers who don’t pay for the privilege — or don’t work for the government and have the ability to demand the data. Power is what matters here: you’ll be able to keep the powerless from invading your privacy, but you’ll have no ability to prevent the powerful from doing it again and again.

One way to balance that disparity of power may be to campaign for laws requiring that:

• All that personal private data (Axciom and similar databases, NSA, etc) becomes accessible to everyone for free for non-commercial use, as advised by Morozov for NSA-collected data.
• A public agency with thorough direct-citizen oversight (citizens juries?) is delegated to ensure that such database was complete and updated with all the info of all powerful or rich citizens, and officials.
• User-controlled IT end-to-end infrastructure becomes widely available that ensures against tampering against the integrity of such data by the powerful, skilled and/or rich (similar to User-Verifiable Social Telematics)

Under US law, where judge rulings become integral part of the law, all data and communications of any foreign citizen, even a parliamentarian, can be legally accessed by US security agencies without a warrant, provided that they are stored in the US (or by a US-based company).

https://www.eff.org/deeplinks/2012/01/inter-parliamentary-union-condemns-government-investigation-member-iceland%E2%80%99s

While Ms. Jonsdottir’s specific situation is unique, many non-U.S. users of Twitter are rightfully unnerved. At least according to the magistrate and judge in Virginia, all of a users’ communications records can be subject to review by the U.S. government without a warrant because the users chose to use an online “cloud” service that stores data about them in the U.S.

Bruce Schneier, arguably the world top security expert, in todays post More on NSA Commandeering the Internet, report about the owner Lavabit, until a few weeks ago one of the world most private email service, with half million users:

Last month, Levison reportedly received an order — probably a National Security Letter — to allow the NSA to eavesdrop on everyone’s e-mail accounts on Lavabit. Rather than “become complicit in crimes against the American people,” he turned the service off.
…
It’s what happened next that is the most chilling. The government threatened him with arrest, arguing that shutting down this e-mail service was a violation of the order.

Schneier concludes:

Every Lavabit-like service that shuts down — and there have been several — gives us consumers less choice, and pushes us into the large services that cooperate with the NSA. It’s past time we demanded that Congress repeal National Security Letters, give us privacy rights in this new information age, and force meaningful oversight on this rogue agency.

I invite Dr Schneier to reason if even perfect new legislation can be sufficient to prevent, or even detect, continuous and wide-spread abuses to the privacy of citizens by NSA and others. Or if maybe the solution may be technological or, more precisely, in the procedural and organization processes behind private Internet service offering.

Even we had perfect (and non-secret) legislation in regards to Surveillance and its oversight, and even publicly-disclosed NSA internal regulations interpreting those laws, users of any Internet device, service or end-to-end solution may still have no reasonable or substantial way neither to detect nor to prevent wide and continuous violations of their constitutional rights.

The solution may reside in building large-scale no-profit end-to-end communication service offerings, and in particolare their procedural, organizational and certification processes, that do away altogether with the need for trust in anyone – as argued by Lawrence Lessig, and as is the basis of the security ballot boxes during well-run paper-based governmental elections – because the quality and precision of those processes, covering both devices and servers-side of a given end-to-end ICT service, intrinsically “auto-guarantee” their own constitutionality.

Here’s how such process could work as applied to server room management processes, in an excerpt from User Verified Social Telematics project:

The CivicRoom is a server room inside the CivicLab, that hosts the servers providing UVST services, the latest version of the CivicPod/Phone firmware and approved applications, and the keys that are necessary for law officers to decrypt communications and logs among UVST end users. In addition to state-of-the-art end-to-end security provisions, live streaming and many other transparency procedures, any physical access to the server room (CivicRoom) will be physically conditional to the presence and approval (through keypad locks) of at least a «jury» of 5-10 randomly-selected rotating users and/or with conflicting interests, in ways similar to the what is possibly the “most beneficial security invention of human history”, democratic procedures for polling stations and ballot boxes for well-run paper-based governmental elections. If an admin, rogue state agency and/or anyone wants to commit an illegal OR unconstitutional act in the server room, then each «jury user» – before, during or after – can type in their key pads their «emergency code» instead of their “access code”. If two of them do, then all user are automatically notified of a potential breach, if a majority of them do, then an automated procedure to make «scorched earth» as done by Silent Circle, possibly automatically switching the service to a P2P solution. It will not be detectable who of them typed the «access code» and who typed the «emergency code» of them did. In the case of unconstitutional access, but legal (secret or public law). The will therefore allow for effectively allow for peaceful civil disobedience actions to protect all users.

Who then guarantees and certifies the adequacy of the software, hardware and procedures, and updates those standards? It sure needs to be an extremely competent and independent body, let’s call it CivicAuthority. And who would then control the controllers? CivicAuthority may potentially accrue a huge power that need to be thoroughly checked, through effective and democratic organization procedure and body, let’s call it CivicOvershight.

Such organization could be intergovernmental but it would probably inspire more trust if it was non-governmental but thoroughly democratically accountable.

Here’s how such body could work, in an excerpt from the User Verified Social Telematics project:

The CivicAuthority, a global dedicated committee made mostly of leading IT security experts digital civil rights organizations – but also consumer, authors and content rights holders associations – also responsible for the updating of the certification specifications. It is run by proceeds from certification revenue and from % of revenue generated by CivicProviders. We’ll propose membership in order to: Privacy International, EFF, EPIC, CDT, Human Rights Watch, Amnesty International, Altroconsumo, and more. Such board would be re-elected by and accountable directly to an informed sample of ordinary citizens through deliberative polling(tm) procedures, CivicOversight.

If our hopes are in the politicians hands, we have little reason to hope. But with user-controlled user-verifiable auto-guaranteeing services, that enable digital civil disobedience, we can directly protect our freedom and affirm technologies and practices that improve even the ability of security agencies to promote their missions, proving that security and privacy are no zero-sum game, on the contrary.

I have no doubt that the only way to prevent humanity to destroy itself or, worse, entranch durable forms of inhumane global governance in the midst of environmental catastrophe, is to arrive in a timely manner to adequate global governance through adequate global constituent processes.

I have spend many year studying and working towards such goal. In the last few years I have worked more side-ways in respect to that goal, but I have kept thinking about it very much.

In short, I would suggest that promoting global democracy nowadays would require a few major paradigm shifts in world democracy proponents:

• We should drop the term “democracy”, in favor to “direct democracy” or other adjective. Democracy is becoming in the last few decades a very discredited name, and therefore global democracy activists should add some kind of adjective which does not refer to already tested and failed form of government to achieve governance that is both good and truly accountable to people, such as direct democracy (which includes the reversible election of a representative for given issues), or “continuous democracy” (too little known though) where everyone is able to exercise its share of sovereignty at any given time.
• We should drop the term “world federalism” altogether. It is either redundant or may be interpreted by most as a possible application of the subsidiarity principle which is unbalanced toward the smaller units, as for example in the case of European Union, or even separatists as Lega Lombarda in Italy.
• We should seriously evaluate if it is inevitable to reinvent a form of democracy that do away with the privacy of vote and “civic” communications. There is the possibility that technology evolution “may force use to choose between privacy and freedom”, as first argued by James Brin In fact, the only reasonable way to both (A) save us from constant and extremely thorough abuses of privacy by state agencies and other powerful actors, with resulting self-censorship, and (B) finally enable us to take advantage of the huge pptential of technologies to enhance the democratic efficiency of global (constituent and then) democratic processes, without the huge manipulation risks involved if vote (and civic online participation) is supposed to remain secret.

After years of skimming through the book, I finally got to the last chapter of by James Brin’s famous book “The Transparent Society – Will technology force us to choose between privacy and freedom?”.

I interestingly discovered that at page 332 of 335, he hints to the potential role of groups of randomly selected citizens (or juries) to ensure the transparency of IT management of those in power, public or private (see below), as a means to ensure that the actual reciprocal transparency between citizens and big powers actually matches the one stated by laws or by Terms of Service.

A very similar idea was presented in this 2007 blog post I wrote and constituted the core mission of Telematics Freedom Foundation that i founded, and it is now at the core of our User Verified Social Telematics project, being developed as an integral part of the
Open Web Next Project.

Here it the excerpt from page 332:

ADDED on Aug 28th 2013: Oversight of such randomly-selected citizens could be made more informad through processes such as deliberative polling methods, as we’d just added to our User Verified Social Telematics project.

Sunil Abraham, Exec. Dir. of Centre for Internet and Society India, has just posted on Forbes India a bright, deep and comprehensive analysis of the policy priorities in regard to large-scale surveillance abuses, and the civil rights AND economic rational for India to promote adequate policies, which may very well apply to Europe.

He furthermore convincingly argues how privacy and security are no zero-sum-game, but a prerequisite one of the other, as I also argued in a recent post. Privacy is a necessary but non sufficient condition of individual, collective and business security.

I believe though that “privacy by policy”- through appropriate laws and Terms of Use, even if perfectly implemented – may unfortunately end up creating just a dangerous smoke in the mirror, unless such laws also embed solid clauses inspired to the paradigms of “security by design” and “security through transparency”.

Service and technology providers, public and private, beyond a certain size, should be mandated to regularly submit, for review by experts AND anyone, all software, hardware, and especially procedures that affect in any way the security, privacy and authenticity levels of their offerings.

Such offerings would be evaluated according to regularly updated guidelines, managed by independent oversight boards, the ability of hardware, software and procedures – as well as the actual intensity and quality of independent security review – to intrinsically and inherently guarantee that the actual levels match the stated levels, at present and any given time in the past.

In fact, intrinsic “privacy and security by design”, devoid of any need for trust, was the core invention at the basis of the engineering of democratic political regimes, exemplified by the rule concerning proper ballot-box democratic voting procedures.

Just as the International Institute of Democratic and Electoral Assistance for decades has provided crucial and largely independent assistance and review for governments electoral processes world-wide, it could be advisable to promote the constitution of a similar – but even more independent and extremely competent – international body that may provide similar assistance, review and certification processes to improve and assess the actual levels of security, privacy and authenticity of communication service offerings by large public and private providers.

http://gigaom.com/2013/08/16/chromecast-gets-gesture-control-via-kinect/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+newteevee+%28GigaOM%3A+Video%29

Leon Nicholls, who previously experimented with local content playback, online shopping and other cool stuff on Chromecast, has managed to hook up his Kinect to a web app running on Google’s new TV stick.

We’ve had that (since 2010) in our Open Web Next project through our CivicPod (kinect functions +) and our CivicDongle (chromecast functions +).
But w/out google lock-in, more features, open Web access, beyond state-of-the-art privacy and security, and controlled by italian content rights owners and broadcasters:

www.openwebnext.com

These actions have been accompanied by a sea change in public opinion about surveillance. Poll after poll has shown that, for the first time ever, Americans think the government has gone too far in violating their privacy, with vast majorities believing the NSA scooping up a record of every phone call made in the United States invades citizens’ privacy.

While the administration certainly doesn’t believe Snowden is patriotic, Americans do. A Quinnipiac poll conducted this month found people agreed, 55 percent to 34 percent, that he was a whistleblower — a large margin that crossed party, gender, and age lines. A recent Reuters poll showed only 31 percent of the public thought he should be prosecuted.

Read more at:
http://www.politico.com/story/2013/08/edward-snowden-is-a-patriot-95421.html

Comments to this post:
Schneier on Security: Has Tor Been Compromised?

Prof. Ed Felten wrote on his blog on May 16th:

“The FBI argues that the Net is «going dark» that they are losing their ability to carry out valid wiretap warrants. In fact, this seems to be a golden age of surveillance, more collectable communications are available than ever before, including whole new categories of information such as detailed location tracking. Regardless, the FBI wants Congress to require that voice, video, and text communication tools be (re-)designed so that lawful wiretap orders can be executed quickly and silently.

Our report focuses in particular on the drawbacks of mandating wiretappability of endpoint tools – that is, tools that reside on the user’s computer or phone. Traditional wiretaps are executed on a provider’s equipment. That approach works for the traditional phone system (wiretap in the phone company’s switching facility) or a cloud service like GMail (get data from the service provider). But for P2P technologies such as Skype, information can only be captured on the user’s computer, which means that the Skype software would have to be changed to add a virtual «wiretap port» that could be activated remotely without the user’s knowledge.”

The User Verified Social Telematics (“UVST“) concept developed by the Open Media Cluster and the Telematics Freedom Foundation could step into this discussion and provide a win win solution for both defenders and opponents of this FBI proposal.

UVST service, provided in a non-commercial way that does not fall under the legislation for network operators (in Italy, and maybe US?), could provide for a solutions that allows state security agencies to access end-points, but only if they have a warrant (based on probable cause), by providing for an innovative technological and organizational infrastructure that intrinsically guarantees users from its abuse.

Provided UVST research project delivers on its aims and promise (far from certain!), I could see it possible and advisable, that (as a consequence of ongoing NSA surveillance revelations) such FBI proposal could be emended by Congress, in coordination with both FBI and civil rights associations, to provide strong incentives and disincentive that all Internet communication end-points (devices and server rooms) be UVST certified. At some point in the future, after many years of very successful large-scale UVST deployments, it may be even become advisable that all non-UVST encrypted Internet traffic be recorded, and possibly blocked by security agencies.

Such possibility may be jump started by Open Web Next, a 6,5M€ research project – aimed at developing a new modular multi-platform mobile&TV platform and ecosystem for the Italian market, based on dual-run time OS (or hybrid) devices running both FirefoxOS and UVST – that integrates UVST organizational, procedural and technical infrastructure as the core mechanism to guarantee both content security and user privacy.
It is being presented as a proposal to a Lazio Region Grant, lead by us of the Open Media Cluster, Open Media Park and Telematics Freedom Foundation. It’s co-promoted and co-coordinated together with the Fondazione Ugo Bordoni (the research arm of Italy’s Ministry of Economic Development) that is also a partner. These are some of its confirmed partners: Tre Italia (part of H3G, 4th mobile operator in the world), Center for Cyber Intelligence and Information Security Sapienza,(Italy’s leading Cyber Intelligence research center), Hermes (Italy’s leading technical and legislative digital civil rights experts, similar to EFF in the US),Progesi/BV-Tech (leading Italian IT defense and security contractor), Freemantle Media (the largest TV content producer in the world), UCLA School of Cinema, Television and Theatre Remap, Cedeo/WimLabs (di Leonardo Chiariglione), IT Media Consulting. We are in active and extensive discussion with Tivu/Tivusat (owned by Rai, Mediaset, LA7, the top 3 Italian broadcaster to evolve their joint satellite and internet platforms) and others. We plan soon to propose participation to EFF (or epic.org) and Mozilla (makers of FirefoxOS).

We are glad for any comment, suggestions, support and leads that can help us further this project.

Alla luce di queste dichiarazioni di Obama, (che potrebbero dare la linea al governo Italiano) la ricerca e sviluppo delle idee e finalità che sottendono al Concept User Verified Social Telematics (UVST) – nucleo dell’architettura di sicurezza della nostra proposta Open Web Next da 6,5M€ alla Regione Lazio- potrebbero fornire l’occasione e ingenti risorse per LE associazioni leader in Italia su questi temi da ambo le sponde, ovvero il Centro di Ricerca di Cyber Intelligence e Hermes, di analizzare estesamente e pubblicamente se ci siano soluzioni tecniche/procedurali (ma anche tecnico/procedurali-normative) che possano dimostrare come la questione non é un “gioco a somma zero” fra sicurezza nazionale e privacy dei cittadini.

http://www.primaonline.it/2013/06/18/118896/datagate-obama-raccolta-dati-nsa-e-trasparente/
“I programmi di sorveglianza elettronica della National Security Agency (Nsa) sono “trasparenti” perché soggetti a molteplici controlli da parte del Congresso e dei tribunali federali, ha detto il presidente americano Barack Obama, aggiungendo tuttavia che è necessario trovare un modo per rassicurare i cittadini sul rispetto della loro privacy. “Dobbiamo trovare il modo per dare assicurazioni al pubblico che ci sono controlli e bilanciamenti” sull’operato dei servizi segreti e “che le loro telefonate non vengono ascoltate, …. …. La verifica, ha detto Obama, è già cominciata. Obama ha quindi annunciato di aver dato vita ad una commissione per la difesa della privacy e delle libertà civili formata da cittadini indipendenti, per avviare un dialogo nazionale sulla questione. “Li incontrerò, perché intendo creare una struttura e lanciare un dibattito a livello nazionale”, anche su una visione più ampia dell’argomento, ha affermato. “Ritengo che il mio lavoro – ha quindi detto il presidente Usa – sia di proteggere il popolo americano, e anche di proteggere lo stile di vita americano, che comprende la nostra privacy“. (ANSA).”

Anzi, si potrebbe dimostrare come soluzioni tecnico/procedurali come UVST, basate sulla trasparenza auto-garantita intrinsecamente da procedure e tecnologie, possono aumentare sostanzialmente la sicurezza nazionale per numerosi motivi (tra i quali cito, ad esempio, l’aumento di sicurezza interna a i vari soggetti pubblici di sicurezza, e alle strutture di istituzionali a cui rispondono), oltreché la privacy degli utenti.

Tale soluzione, nelle finalità complessive della proposta Open Web Next, potrebbe divenire quindi una fondamentale vantaggio competitivo in Italia (e oltre?) di un piattaforma di comunicazione fruizione mediale mobile/TV italiana, che aggrega una massa critica di attori della filiera (detentori diritti, broadcaster/detentori, operatori mobili) e che si affianca alla piattaforma globale di openWeb/FirefoxOS.

Ovviamente ci sono poi enormi opportunità di applicazione per grandi provider di servizi web e cloud, di poter restaurare la loro credibilità non meramente con nuovi termini di utilizzo in adeguamento a leggi attuali o nuove che usciranno, ma attraverso sistemi che intrinsecamente assicurano il rispetto delle leggi (costituzionali …)