Free and Safe in Cyberspace:
Beyond Privacy Shield

Thursday, July 21st 2016
At 177 Prince Street, New York, NY

Free and Safe in Cyberspace – US Edition 2016 is a workshop aimed at catalysing a constructive dialogue and a wide informed consensus on the role of new international non-governmental standards and certifications for ICT services with ultra-high levels of assurance – for communications, constitutional lawful access and artificial intelligence – that are able to grant unprecedented and constitutionallymeaningful* levels of e-privacy and e-security to all, while increasing public safety and cyber-investigation capabilities.

Conceived and organized by the Open Media Cluster, lead by Rufo Guerreschi, and co-organized by the EU EIT Digital Privacy, Security and Trust Action Line, lead by Jovan Golic.

The event is invitation-only. Under 20 seats are left.
Request an invite at info@free-and-safe.org

Program

  • 08.30 – Light breakfast
  • 08.50 – Intro by Rufo Guerreschi and Jovan Golic
  • 09.10 – Special keynote by Joe Cannataci, UN Special Rapporteur on the Right of Privacy.
  • 09.25 – Special keynote by Max Schrems, world-renowned EU privacy activits
  • 09.40 – Flash position statements by panelists with flash QAs
  • 10.00 – Panel on CHALLENGE A: How can we achieve ultra-high assurance ICT?!
    Is it feasible to provide ordinary citizens access to affordable and user-friendly complete ICT services with levels of trustworthiness that are meaningfully-abiding to the EU Charter of Fundamental Rights, as a supplement to their every-day computing devices?
    If so, how? What standards, standard setting and certifications processes can enable users to reliably assess their actual trustworthiness? What scale of investments are needed? How likely is it that they would sustainably be legally allowed?
    (See Backgrounder on Challenge A)

    • Moderator: Rufo Guerreschi
    • Debaters: Jovan Golic, Daniel Castro, Joe Cannataci, Yvo Desmedt, Rufo Guerreschi
  • 11.00 – Coffee Break
  • 11.15 – Special Keynote by Jovan Golic, on “EIT Digital and business opportunities in cyber security and privacy”
  • 11.35 – Flash position statements by panelists with flash QAs
  • 11.55 – Panel on CHALLENGE B: Can ultra-high assurance ICT services comply to lawful access request while meaningfully protecting civil rights?
    Can providers of ultra-high assurance ICT devise complaince mechanisms to lawful access requests, voluntarily – i.e. in addition to what’s required by selected jurisdictions – without significantly increasing risks for the privacy of users nor for public safety?
    If so, how? What are the core paradigms of such certification processes? (Backgrounder on Challenge B)

    • Moderator: Jovan Golic
    • Panelists: Daniel Castro, Max Schrems, Zachary Goldman, Joe Cannataci, Simon Halink, Rufo Guerreschi
  • 12.45 – QA with audience
  • 13.00 – Lunch break
  • 14.00 – Intro to Challenge C by Roman Yampolskiy
  • 14.10 – Flash position statements by Challenge C panelists with flash QAs
  • 14.40 – Panel on CHALLENGE C: Ultra-high assurance ICT and the future of AI?
    How can non-governmental ultra-high assurance ICT standards, and related socio-technical and governance models, spur sustainable AI-driven economic development and foster long-term AI safety?
    Can ultra-high assurance ICT standards, applied to the most critical deterministic sub-systems, contribute substantially to AI safety? (Backgrounder or Challenge C)

    • Moderator: Roman Yampolskiy
    • Panelists: John Havens, Rufo Guerreschi, Gry Hasselbalch, Joe Cannataci, Zachary Goldman.
  • 15.40 – QA with audience
  • 15.50 – Coffee Break
  • 16.10 – Flash position statements by panelists with flash QAs
  • 16.30 – Panel on CHALLENGE D: What are the national policy or international treaty options for ultra-high assurance ICT standards in critical societal domains?
    What constituent processes can ensure a timely, effective and democratically-efficient implementation – by a critical mass of actors – of meaningfully-enforceable national policies or international treaties for ultra-high assurance IT standards setting and certification processes?!
    (Backgrounder on Challenge D)

    • Moderator: Rufo Guerreschi
    • Panelists: Joe Cannataci, Max Schrems, John Havens, Simone Halink, Zachary Goldman, Bill Pace, Jovan Golic.
  • 18.00 -Summary of the day by organizers and QA with audience
  • 18.45 – END
  • 19.30-23.00 – Dinner for panelists, speakers and special guests

Past & Future Editions

  • On Sept 24-25th 2015, the 1st EU Edition 2015 was held in Brussels, with the support of great sponsors. It attracted amazing speakers, including the best IT security experts of Europe and US – including Bruce Schneier, Bart Preneel, Richard Stallman – and the most relevant EU defense, IT security and R&D institutions – such as the Head of Information Superiority of the European Defence Agency, the Deputy European Data Protection Supervisor, Deputy Head of Security & Trust of EU DG Connect, Exec. Dir. of ECSEL-JU, Senior Executive of the Future of Humanity Institute – as you can see from the report and the program with videos.
  • On Oct 16th 2015, a smaller 1/2-day Latin American Edition was then held in Iguazu, Brazil, with distinguished guests.
  • On Sept 22-23rd 2016, a 1st EU Edition 2016 will be held in Brussles, with great speaker already confirmed.

Intro

Recent evidence suggests that nearly all ICT devices and services are remotely, undetectably and scalably hackable by several actors, through state-sanctioned or state-mandated backdoors. As a consequence, citizens and institutions suffer a great loss of civil rights and sovereignty, while EU and US IT companies are struggling to seek ways to offer the levels of trustworthiness that both customers and constitutions require, by being able to innovate and differentiate themselves sustainably on the basis of measurable, provable, comparable and meanigfully-high levels of trustworthiness.

How vulnerable are autonomous ICT systems, moveable and not, to targeted or concurrent scalable attacks via their underlying low-level subsystems?

Can the paradigm “Trust but verify” still be a sufficient when the bribery, threatening or identity theft of a single person (rarely 2) in key role in the lifecyle of a single critical component or process can enable concurrent compromisation of every instance of a given critical IT system, including communication, state surveillance, or autonoumous moveable devices? Should it rather be “Trust or verify”, by deepening and extending oversight all the way to CPU designs and fabrication oversight? But how can that be made economical for wide spread adoption and compatible with feature and performance needs?

Are even key assets and capabilities of nations’ law enforcement, defense and intelligence themselves highly vulnerable to attackers – foreign, domestic and internal – due to the lack of sufficiently comprehensive, translucent and accountable socio-technical standards, such as in IT facility access, device fabrication or assembly? And when breaches – if ever found, and not illegally publicized – automatically become state secret?

We are told daily by nearly all privacy experts and government officials that we must to choose between meaningful personal privacy and enabling lawfully authorized cyber-investigations. But both are essential to democracy and freedom. What if it was not a choice of “either or”, a zero-sum game, but instead primarily a “both or neither” challenge? What if the extreme technical and oversight safeguards that we need to create ultra-high assurance ICT services and lifecycle, are much the same we need to safely enable “constitutional” lawful access to such systems?

Featured Speakers

  • Joseph Cannataci, UN Special Rapporteur on the Right of Privacy. Head of the Department of Information Policy & Governance at the Faculty of Media & Knowledge Sciences of the University of Malta. Chair of European Information Policy & Technology Law within the Faculty of Law at the University of Groningen.
  • Max Schrems. Leading Austrian privacy activist. He initiated a lawsuit questioning the complaince of the Safe Harbor agreement between EU and US, which lead to its invalidation by the Court of Justice of the European Union. He proposes “sector-specific solutions” to resolve the Safe Harbor log jam, and beyond.
  • Simone Halink. Co-chair of An Internet Safe and Secure Working Group of the Freedom Online Coalition. FOC is a group of 29 nations “committed to work together to support Internet freedom and protect fundamental human rights – free expression, association, assembly, and privacy online – worldwide“.
  • Bill Pace. Executive Director, World Federalist Movement-Institute for Global Policy (WFM-IGP). Convenor of the Coalition for the International Criminal Court (CICC) since 1995 . Steering Committee Member of the International Coalition for the Responsibility to Protect (ICRtoP).
  • Daniel Castro. Vice President Information Technology and Innovation Foundation (ITIF), co-author of the recent report on policies Unlocking Encryption:Information Security and the Rule of Law (pdf)
  • Zachary Goldman. Director of the Center of Law and Security at New York Law School. Previously served as Policy Advisor in the US Department of the Treasury’s Office of Terrorism and Financial Intelligence, and Special Assistant to the Joint Chiefs of Staff of the US Department of Defense. He is the co-editor of the comparative Intelligence Oversight: A Global View (link), and co-organizer of a related event on April 21st 2016.
  • Roman Yampolskiy. Renowned AI superintelligence safety expert and professor. Author of Artificial Superintelligence. His research is focused on AI Containment (i.e. isolation). Prof. at University of Louisville, known for his work on IT security and artificial intelligence safety. He holds a PhD from the University at Buffalo. Active in popular media channels.
  • John C. Havens. Executive Director of the IEEE Global Initiative for Ethical Considerations in the Design of Autonomous Systems. The newly launched Initiative aggregates top executives from leading global public and private AI entities (pdf) to define new international ethics, standards and ultimately certifications for AI to promote the public good (Mission pdf).
  • Yvo Desmedt. World-renowned cryptographer, and pioneer of threshold cryptography. Fellow of the IACR. Jonsson Distinguished Professor at University of University of Texas at Dallas, USA and Chair of ICT at University College London, UK.
  • Gry Hasselbach. Founder of the Global Privacy as Innovation Network, that views privacy and data ethics as economic and social investments. Founders and member of the board DataEthics.eu. Author of an an upcoming book, The Data Ethical Company.
  • Jovan Golic, Privacy, Security and Trust Action Line Leader of EIT Digital. Renowned cryptographer and IT assurance expert. EIT Digital manages, through 8 Action Lines, about 80M€ yearly of EU Commission funds for close-to-market IT innovation, research and education co-funding.
  • Rufo Guerreschi. Chief Scientist & Executive Director of the Open Media Cluster. OMC is the promoter the Trustless Computing Initiative, and the Trustless Computing Certification Campaign and founder of the Free and Safe in Cyberspace event series. Life-long activist for international democratization through and within the use of digital technologies.

DEFINITIONS: “Constitutionally-meaningful ICT“: We define a given complete ICT service as having a “constitutionally-meaningful level of trustworthiness” when it is confidently resistant to persistent attempts worth tens of millions of euros to compromise its life-cycle and tens of thousands to compromise a single user, by actors with high plausible deniability and very low practical liability.