The event aims to catalyse a constructive dialogue and a wide informed consensus on new international standards and certification governance bodies for ultra-high assurance end-2-end IT systems – for communications, constitutional lawful access and Artificial Intelligence – to deliver access to unprecedented and constitutionally– meaningful* e-privacy and e-security to all, while increasing public safety and cyber-investigation capabilities.
Organized by the Open Media Cluster and
the EU EIT Digital Privacy, Security and Trust Action Line.
Buy tickets now!
Recent evidence suggests that nearly all IT devices and services are remotely, undetectably and scalably hackable by several actors, through state-sanctioned or state-mandated backdoors. As a consequence, EU and US IT companies are struggling to seek ways to offer the levels of trustworthiness that both customers and constitutions require, by differentiating themselves sustainably on the basis of demonstrable an meanigfully-higher levels of trustworthiness.
We are told daily by nearly all privacy experts and government officials that we must to choose between meaningful personal privacy and enabling lawfully authorized cyber-investigations. But both are essential to democracy and freedom. What if it was not a choice of “either or”, a zero-sum game, but instead primarily a “both or neither” challenge, yet to be proven unfeasible?
Are key assets and capabilities of nations’ law enforcement, defense and intelligence themselves highly vulnerable to attackers – foreign, domestic and internal – due to the lack of sufficiently comprehensive, translucent and accountable socio-technical standards, such as in IT facility access, device fabrication or assembly? How vulnerable are AI-driven autonomous IT systems, moveable and not, to attacks via their critical socio-technical low-level subsystems?
Can the paradigm “Trust but verify” still be a sufficient when the bribery, threatening or identity theft of a single person (rarely 2) in key role in the lifecyle of a single critical component or process can enable concurrent compromisation of every instance of a given critical IT system, including communication, state surveillance, or autonoumous moveable devices? Should it rather be “Trust or verify”, by deepening and extending oversight all the way to CPU designs and fabrication oversight? But how can that be made economical for wide spread adoption and compatible with feature and performance needs?
The Event Series
The 1st EU Edition 2015 was held in Brussels on Sept 24-25th 2015, with the support of great sponsors. It attracted amazing speakers, including the best IT security experts of Europe and US – including Bruce Schneier, Bart Preneel, Richard Stallman – and the most relevant EU defense, IT security and R&D institutions – such as the Head of Information Superiority of the European Defence Agency, the Deupty European Data Protection Supervisor, Deputy Head of Security & Trust of EU DG Connect, Exec. Dir. of ECSEL-JU, Senior Executive of the Future of Humanity Institute – as you can see from the report and the program with videos. A smaller 1/2-day Latin American Edition was then held in Iguazu, Brazil on Oct 16th 2015, with distinguished guests. A 2nd EU Edition 2016 will be held in Rome on Sept 22-23rd 2016.
- Joseph Cannataci, UN Special Rapporteur on the Right of Privacy. Head of the Department of Information Policy & Governance at the Faculty of Media & Knowledge Sciences of the University of Malta. Chair of European Information Policy & Technology Law within the Faculty of Law at the University of Groningen.
- Simone Halink. Co-chair of An Internet Safe and Secure Working Group of the Freedom Online Coalition. FOC is a group of 29 nations “committed to work together to support Internet freedom and protect fundamental human rights – free expression, association, assembly, and privacy online – worldwide“.
- Bill Pace. Executive Director, World Federalist Movement-Institute for Global Policy (WFM-IGP).Convenor of the Coalition for the International Criminal Court (CICC) since 1995 . Steering Committee Member of the International Coalition for the Responsibility to Protect (ICRtoP).
- Zachary Goldman. Director of the Center of Law and Security at New York Law School. Previously served as Policy Advisor in the US Department of the Treasury’s Office of Terrorism and Financial Intelligence, and Special Assistant to the Joint Chiefs of Staff of the US Department of Defense. He is the co-editor of the comparative Intelligence Oversight: A Global View, and co-organizer of a related event on April 21st 2016.
- Roman Yampolskiy. Renowned AI superintelligence safety expert and professor. Author of Artificial Superintelligence. His research is focused on AI Containment (i.e. isolation). Active in popular media channels.
- John Havens. Executive Director of the IEEE Global Initiative for Ethical Considerations in the Design of Autonomous Systems. The newly launched Initiative aggregates top executives from leading global public and private AI entities (pdf) to define new international ethics, standards and ultimately certifications for AI to promote the public good (Mission pdf).
- Yvo Desmedt. World-renowned cryptographer, and pioneer of threshold cryptography. Fellow of the IACR. Jonsson Distinguished Professor at University of University of Texas at Dallas, USA and Chair of ICT at University College London, UK.
- Gry Hasselbach. Founder of the Global Privacy as Innovation Network, that views privacy and data ethics as economic and social investments. Founders and member of the board DataEthics.eu. Author of an an upcoming book, The Data Ethical Company.
- Jovan Golic, Privacy, Security and Trust Action Line Leader of EIT Digital. Renowned cryptographer and IT assurance expert. EIT Digital manages, through 8 Action Lines, about 80M€ yearly of EU Commission funds for close-to-market IT innovation, research and education co-funding.
- Rufo Guerreschi. Chief Scientist & Executive Director of the Open Media Cluster. OMC is the promoter the Trustless Computing Initiative, and the Trustless Computing Certification Campaign and founder of the Free and Safe in Cyberspace event series. Life-long activist for international democratization through and within the use of digital technologies.
The 4 Challenges
The event aimes at finding answers to this 4 Challenges:
- CHALLENGE A: How can we achieve meaningful ICT assurance?!
Can new voluntary international standards and certifications – within the EU Charter and most constitutional frameworks – provide ordinary citizens access to affordable and user-friendly end-2-end IT with constitutionally-meaningful* levels of trustworthiness, data security and privacy, as asupplement to their every-day computing services?
(See Backgrounder on Challenge A)
- CHALLENGE B: Provided that we can solve Challenge A, how can we ensure constitutional ICT lawful access?!
(B.1) Can new international non-governmental certification processes for end-2-end IT service providers – with sufficiently-extreme transparency, accountability, and oversight safeguards, such as multi-jurisdiction offline oversight processes based on peer-jury or peer-witness – ensure unprecedented and constitutionally-meaningful* levels of trustworthiness, effective onsite in-person lawful access, and prevent malevolent use?
(B.2) Similarly, can extreme third-party safeguards – enforceably adopted by states for their use of remote endpoint lawful access schemes (i.e., lawful hacking) – reduce, to acceptable levels, the risk of both grave compromisation of investigative processes and of highly-scalable abuse of innocent citizens?
(See Backgrounder on Challenge B)
- CHALLENGE C: How can new non-governmental ultra-high assurance socio-technical IT standards and certifications, and related licensing and governance models, promote a sustainable AI-driven economic development and long-term AI safety?
Can their early sector-specific adoption, by a critical mass of nations and companies, jump start an actionable path, from the short to the long-term, to (1) restore meaningful digital sovereignty to citizens, businesses and institutions, (2) cement their economic and civil leadership in the most security-critical IT and narrow Artificial Intelligence sectors, and (3) substantially increase the chances of utopian rather than dystopian long-term artificial intelligence prospects?
(Backgrounder or Challenge C)
- CHALLENGE D: What are the international policy and treaty options for ultra-high assurance IT standards in critical societal domains?
What constituent processes can ensure a timely, effective and democratically-efficient implementation – by a critical mass of actors – of meaningfully enforceable international policies or treaties for ultra-high assurance IT standards setting and certification processes?!
(Backgrounder on Challenge D)
(Definition: We define as having a “constitutionally-meaningful level of trustworthiness”, a given end-2-end IT service that is confidently resistant to persistent attempts worth tens of millions of euros to compromise its life-cycle and tens of thousands to compromise a single user, by actors with high plausible deniability and very low practical liability)