The Free and Safe in Cyberspace events series is wholly solution-oriented. We are solely aimed at finding a solution to Challenges A and B, through a concrete plan for new international socio-technical standards and a certification body – meant to be effective within most current democratic legislative and constitutional frameworks – coupled with non-essential policy suggestions.
Months before our 2015 EU Edition, held in Brussels on Sept 24th and 25th, we requested proposals from speakers. In the week before the event, we collected and integrated those contributions, and then integrated suggestions from the speeches in keynotes and panels on the 24th, until, on Sept 25th, we produced a first comprehensive proposal that was presented by the Open Media Cluster and discussed in its core requirements in a dedicated Panel 5.
Here it is, in its original version and in its latest LIVE version: Proposal for a new international certification body for ultra-high assurance IT communications services and targeted lawful access schemes.
Version 1.0 (gdoc) (originally presented in Brussels on Sept 25th 2015). Version 1.6 (gdoc) (latest LIVE version, open for suggestions by all).
TOWARDS A SOLUTION for Challenges A and B
Are wide investments in Challenge A realistic or sustainable in the absence of a concurrent solution to Challenge B?
It has emerged that almost all western nations, including the US and most EU countries, have one or more lawful ways under which state security agencies can intrude on the privacy of millions of citizens without a court order, including some sort of mandatory key disclosure legislation.
Although their existence has been hidden, they are currently politically based on two justifications:
- (1) to preserve or restore the traditional lawful intercept capabilities that have been lost in cyberspace;
- (2) to perform dragnet or large-scale targeted surveillance in order to prevent or prosecute grave crimes.
The surprising public acceptance of the second justification is arguably dependent on the fact that it is currently the only way to achieve the first justification. The hoped-for wide-market uptake of new high-assurance ICT standards and solutions is a challenge that may need to be solved concurrently with the challenge of devising ways to restore legitimate criminal investigation capabilities in cyberspace. It has become clear that citizens will choose perceived physical safety over cyber-privacy if given a stark choice. In fact, political and public-opinion pressure to extend the outlawing, or the permitted subversion, of such technologies and standards would be huge, as it has been for decades, and would surely grow to become unbearable after major terrorist attacks largely attributed to the use of such technologies. Such grave risks to legal sustainability are a major obstacle to private investment and public commitments in the wide deployment of such high-assurance technologies and standards for the civilian market.
Current legislative frameworks
The legislation affecting high-assurance IT systems and lawful access systems consists of national laws, which are mildly influenced in their regulatory implementations by voluntary international public and/or private standards (Common Criteria, ETSI, NIST, etc.).
High-assurance IT services are regulated with the overriding aim of preventing malevolent use, and therefore focus on limiting the export (crypto export laws) and use of certain technologies, and increasingly their research (as in the ongoing national implementations of the Wassenaar Arrangement).
Lawful access processes, in both state security and civilian scenarios, are instead subject to very limited or non-existent technical regulation of the security of their technical infrastructure against abuse by state agencies on their citizens, or by external actors against such state agencies. They are subject to elaborate, though largely inadequate, organizational and socio-technical regulations and oversight procedures. Multiple “Mutual legal assistance” treaties regulate the often-crucial international cooperation in the pursuit of cyber-crimes. Such arrangements are so insecure and slow, often taking months, that most of the time workarounds “at the edge of legal” are deployed, which are overwhelmingly unregulated.
Linking Challenge A and Challenge B
Although solving Challenge A would provide substantial societal benefits, the concurrent solution of Challenge A and Challenge B would provide substantially higher and more sustainable societal benefits because of: the interdependency of constitutional mandates for public safety and constitutional rights for personal privacy; the need to reduce the chance of abuse of Challenge A by criminals, including third state actors; and the need for effective provisioning and investments in Challenge A to be legally sustainable, even though grave public safety crimes might be substantially aided, allegedly or actually, by the use of Challenge A.
Most law enforcement agencies (LEAs), in their (possibly self-serving) public claims, and most e-privacy experts believe that Challenge A is already available to ordinary citizens who are willing to sacrifice substantial money and/or usability. Almost all privacy experts believe Challenge B is completely impossible, and that all discussions or proposals to find a solution are either nonsense, insincere or both.
Many believe that Challenge A is impossible or very uneconomical.
Most privacy experts, even those privately admitting there may be some way to solve Challenge B right, believe that such a possibility is so remote that we should not publicly investigate it, as it would increase the risk that states may deploy the wrong solutions.
A few experts believe that Challenge A is possible, or economical, but will never be or should never be sustainably widely available unless Challenge B is also substantially solved. Almost all LEAs and very few privacy experts believe Challenge B may be feasible by deeply exploring innovative socio-technical paradigms, relying on concepts such as: secret sharing, multi-party computation across different jurisdictions, secret sharing relying on on-site processes rather than IT, provider management, independent standardization and oversight, citizen-witness processes, and more.
- Could the solution to such challenges – through the creation of international certification processes and open and resilient ecosystems – cement a future global leadership of EU values and EU industry in the most security- and privacy-sensitive areas of IT, such as personal communications, state security and defense, IoT and advanced artificial intelligence? How much of the new paradigms needed to solve Challenge A can help solve Challenge B?
- Can solving Challenge A be legally sustainable unless we solve Challenge B? Can the wide-scale investments needed to bring meaningful privacy to all be secured if these are legally unsustainable in time?
- Can the feasibility of solving such problems be dramatically reduced by aiming at computing services that are supplementary to current ordinary commercial devices? A sort of meaningfully private sphere, though feature-wise limited, alongside a digital public sphere for more general computing?
- What are the effects on public safety of the current wide unavailability of meaningfully secure IT devices? What are the effects on public safety and public interest of a possible future wide availability of meaningfully secure IT, and therefore resistant to scalable remote access by even public security agencies through lawful access requests?
- Can independent citizen-accountable, citizen-witness or citizen-jury organizational processes – from standard setting, to fabrication and key recovery oversight – substantially or radically increase the actual and perceived trustworthiness of setting standards and critical lifecycle phases of IT devices?
- Can a critical mass of international actors lead the creation of independent, citizen-accountable new standards, platforms and ecosystems for trustworthy IT that can underpin EU values and EU business global leadership in security- and privacy-critical computing?
- Can an actionable path for Europe be envisioned, from the short to the long term, to radically restore access by citizens and businesses to private civic communications, to safeguard critical defense infrastructure, and to provide a unique competitive advantage, and long-term safety, for the most critical future EU Artificial Intelligence projects and services?