EDPS Guidelines on controllers, processors and joint controllers

On 7 November 2019 the European Data Protection Supervisor published their guidelines on the concepts of controller, processor and joint controllership. While the EDPS is the supervising authority for EUI (European Union Institutions), whose data protection activities fall under Regulation 2018/1725 and not the GDPR, the document is of importance… Continue reading

EU Strategy on Artificial Intelligence

The European Commission published on April 25 2018 a Communication outlining the strategy of the EU for Artificial Intelligence. This post looks at the document, its structure and main points. While the first two chapters deal with a general introduction an AI scenarios and Europe’s competitive posture in the international… Continue reading

e-Privacy XXI – Lucca 2017

e-Privacy is a biannual conference organised in Italy on the themes of privacy, security and surveillance. On June 23 2017 I prented at e-Privacy XXI a talk that is part of an ongoing research on cyber sovereignty and the role of nation states in Internet governance and cyber conflict. In his “Declaration… Continue reading

EU-ASEAN Cyber Policy

In early march 2016 I was invited to speak about cyber policy at two important meetings in Jakarta, Indonesia. On March 1 I participated in the the Policy Dialogue Roundtable Meeting with representatives of TELSOM (the ASEAN Telecommunications Senior Officials Meeting) organized by the National Electronics and Computer Technology Center (NECTEC)… Continue reading

The European Court Strikes One for Privacy

Early this year the European Court of Justice declared the 2006 EU Date Retention Directive invalid. This is a very important turning point in the ongoing tug-of-war between privacy rights and security concerns, possibly a reversal of the tide that has been mounting since the beginning of the century. The… Continue reading

Critical Infrastructure Protection: a legislation review

In this post I try to trace the evolution of EU legislation regarding Critical Infrastructure Protection, with some special attention to the Italian implementations. In any case the bulk of the regulations and laws in this field finds its origin at the European level. The main motivation behind Critical Infrastructure… Continue reading

EU Directive on Cybercrime ready for Parliament’s first lecture

The directive proposal on cybercrime (attacks against informations systems), and the amendments intrduced by commitees (LIBE in particular), will have its first reading by the Plenary of the European Parliament next July 1st, according to latest forecasts. EDIT: Reading is now scheduled for July 3rd, and the vote for July 4th Continue reading

UE cybercrime directive proposal – Europarliament amendments

(Italiano) La proposta di direttiva UE sul cybercrime di cui abbiamo parlato in un post precedente, è attualmente in attesa della prima lettura da parte del parlamento ed è stata oggetto il 4 ottobre 2011 di una udienza della commissione Libertà civili, giustizia ed affari interni (LIBE). I partecipanti hanno fornito uno spaccato delle diverse posizioni esistenti sul testo (nessun italiano era presente), vista la loro eterogenea provenienza (organizzazioni transnazionali, settore privato, istituzioni nazionali ed europee, università, gruppi di interesse). Continue reading

New EU directive proposal on cybercrime

The EU Commission presented in 2010 a directive proposal – to be examined by the European Parliament – “on attacks against information systems”. The proposal is currently awaiting its first reading by the EP, but was the object of a hearing by the Civil liberites, justice and internal affairs commiteed… Continue reading