Free and safe in Cyberspace 8th edition
jan 28th, 2021
CONFERENCE - BACKGROUNDER
The World is rapidly turning into a Hacker Republic, where all economic and political power increasingly accrues to those state and non-state actors with the most informational and hacking superiority in personal communications, social media, financial and autonomous systems. Though total security and privacy can never exist, radical advances are possible and direly needed for the well-being of humanity and, possibly, its very survival.
Are personal freedom and public safety in Cyberspace truly an “either-or” choice, a zero-sum game, as nearly all seem to believe? Can we, as a society, truly choose between one and the other? Are these not instead, as they’ve always been, a “both or neither” challenge as we see the democratic institutions that should ensure our safety being eroded by hacking and manipulation of our IT system and social platforms?
But nation-states have not yet been able to solve this challenge. According to a UBS Group poll, cybercrime is the 2nd greatest concern of high net-worth individuals after their “country politics”. Meanwhile, a Gallup poll found that US citizens fear cybercrime twice more than any other crime. There appears to be a huge unmet need and demand.
Can the private sector succeed instead, within current legislation? Could such challenge be largely solved by ensuring an uncompromisingly untrusting approach – down to CPU design, chip fabrication oversight and certification governance models – be applied to both critical IT computing systems AND (voluntary in-person) legitimate lawful access compliance mechanisms, privately set in place to prevent criminal abuse?
Can this breakthrough enable leading private banks, leading IT companies and industry associations to turn cybersecurity from a threat into a competitive advantage and new business opportunities, and leading nation-states to radically reinforce their citizens’ digital sovereignty? Blackberry and Bank of America are looking to join forces to pursue such an opportunity. Could a European driven initiative outcompete them by leveraging Swiss and EU unique respect and appetite for digital privacy and security?
pre-CONFERENCE - program
The Free and Safe in Cyberspace Pre-Conference, earlier on the same afternoon (3-5 pm) and at the same venue of the 7th Free and Safe in Cyberspace Conference. (5-9 pm). The Pre-Conference is a round table with mostly-Swiss entities (or in some case individuals) interested to some preliminary or to an advanced extent to join as members, partners or supporting partners of the Trustless Computing Certification Body, in technical, end-user or governance roles, and with possible partial time-limited exclusivity. Discussions will be in the format of a round table, with slides, confidential and subject to Chatam House Rules.
The Pre-Conference aims are mainly to (A) coalesce a consensus on the basic tenets and paradigms and governance of a new to-be-established Trustless Computing Certification Body, and (B) lead a few more leading large banks, private banks, mobile device/equipment manufacturers, industry associations, enterprises, open secure IT firms to join our current R&D partners, in the form of founding members of such new body to be established di Swizterland in the next 2 months.
Confidential and in progress. If interested to join, please email email@example.com
Round Table Program
2.00 pm – Intro to the Trustless Computing Certification Body, by Rufo Guerreschi
2.20 pm – Intro by TCCB key partners and members
2.30 pm – Intros and Deliberative Discussions
3.45 pm – Conclusions
4.00 pm – End
In line with the stature of the speakers to the 7 previous editions, the 8th edition be centered on the 4 Challenges of Free and Safe in Cyberspace, but with a special emphasis on Switzerland, private banking and mobile security:
- Rufo Guerreschi. Exec. Dir. of the Trustless Computing Association. Creator of the Free and Safe in Cyberspace series, and founder of the spin-off startup TRUSTLESS.AI.
06:20 pm – Coffee break
- It is becoming evident that availability of IT for human communications, that provide constitutionally-meaningful levels of digital privacy, cannot be expected unless these will be reliably subject to government interception when legitiamately authorized to do so.
- Can providers of ultra-high assurance IT reliably and voluntarily (i.e. in addition to what is requried by law) offer compliance mechanisms for legitimate lawful access needs, while overall reducing risks for both privacy of users and public safety?
- If so, how? What novel paradigms, safeguards or certification processes are needed?
- Can the same extreme technical and human organizational safeguards – that are needed to ensure ultra-high levels of IT assurance – also enable “safe enough” voluntary compliance to lawful access requests – at least in some EU states – that overall reduce the risk of privacy rights abuse of end-users by anyone to levels that are radically or substantially lower than any of the other alternative secure IT systems (existing or in development) which do not offer such voluntary processing?
- Could the inevitable added risk be essentially shifted from technical systems to novel highly-resilient organizational processes? Could or should such processes rely on a IT provider-managed data/key recovery schemes that are certified and overseen by a (primarily non-governmental) radically citizen-accountable, independent and competent international certification body?
- Read more
06:50 pm – Coffee break
07:50 pm – Coffee break
Current attempts to radically increase the trustworthiness of critical IT systems are often centered on the pursuit of scientific breakthroughs in the area of artificial intelligence, quantum computing and cryptography, blockchains, and new protocols, such as zero-knowledge proof, and end-2-end and homomorphic encryption. Meanwhile, a few security-by-design or blockchain initiatives are taking a more holistic, short-term and trustless approach, centered on open, time-proven, battle-tested – yet future-aware – technologies and processes; transparent oversight down to critical hardware design and fabrication; a transparent resolution with extreme safeguards of the lawful access needs; and more accountable and resilient certification and ecosystem governance models.
08:20 pm – Coffee break
Recent calls for international treaties or new ethics for the trustworthiness of IT or AI systems – such as Tech Accord, Charter of Trust, Call of Paris or a Digital Geneva Convention – are crucial to raising awareness. Yet, none of them tackles head-on the need for trustworthy cybersecurity certifications to enforce the oversight of treaties or enact the principles of such declarations.
How can such certification bodies increase the resilience and “forensic friendliness”, to radically improve resistance against attacks and confidence about attacks attribution? What constituent processes can ensure a timely, effective and democratically-efficient implementation – by a critical mass of actors – of meaningfully-enforceable national policies or international treaties for ultra-high assurance IT standards-setting and certification processes?
8.50 pm – Drinks & Networking
10.00 pm – End fo Event