Events

On 22 June 2012 Tech and Law Center organized a conference at the Politecnico di Milano with Alessandro Acquisti on the Privacy in the Age of Augmented Reality. In his talk, Prof. Acquisti highlighted two streams of research he is conducting at Carnegie Mellon University: the “behavioral economics of privacy,” and the study of privacy and disclosure behavior in online social networks.
Tech and Law Center is proud to welcome Alessandro Acquisti on the Privacy in the Age of Augmented Reality at the Politecnico di Milano, Aula Osvaldo De Donato, on 22 June 2012 at 14.30. In his talk, Prof. Acquisti will highlight two streams of research he is conducting at Carnegie Mellon University: the “behavioral economics of privacy,” and the study of privacy and disclosure behavior in online social networks.
First, he highlighted how research in behavioral economics can help us make sense of apparent inconsistencies in privacy (and security) decision-making, and will present results from a variety of experiments in this area he conducted at Carnegie Mellon University. Then, he discussed the technical feasibility and privacy implications of combining publicly available Web 2.0 images with off-the-shelf face recognition technology, for the purpose of large-scale, automated individual re-identification. Combined, the results highlight the behavioral, technological, and legal challenges raised by the convergence of new information technologies, and raise questions about the future of privacy in an augmented reality world.
Alessandro Acquisti is an Associate Professor at the Heinz College, Carnegie Mellon University, and the co-director of CMU Center for Behavioral Decision Research (CBDR). His research focuses on the economics of privacy. His studies have spearheaded the application of behavioral economics to the analysis of privacy decision making, and the analysis of disclosure behavior and privacy trade-offs in online social networks. Alessandro has been the recipient of the PET Award for Outstanding Research in Privacy Enhancing Technologies, the IBM Best Academic Privacy Faculty Award, the Heinz College Award for Teaching Excellence, and multiple best paper awards. He is a member of the National Academies’ Committee on Public Response to Alerts and Warnings Using Social Media and Associated Privacy Considerations, and has held visiting positions at the Universities of Harvard, Rome, Paris, and Freiburg, at Microsoft Research in New England, and at Google. He holds a PhD from UC Berkeley, and Master degrees from UC Berkeley, the London School of Economics, and Trinity College Dublin.

The programme of the event is available here.

The press review of the event is available here.

The slides of the event are available here.

Radio 24-22.06.2012
http://www.radio24.ilsole24ore.com/main.php?articolo=usa-privacy-web-dati-acquisizione-attivita

La Stampa-23.06.2012
http://www.lastampa.it/_web/cmstp/tmplrubriche/tecnologia/grubrica.asp?ID_blog=30&ID_articolo=10577&ID_sezione=38

Robert Sloan earned his PhD from MIT in the area of computational learning theory under the supervision of Ron Rivest. He has been at the University of Illinois at Chicago (UIC) since 1990, except during a stint as program director for theory of computation at the National Science Foundation. He is currently Professor and Department Head of the UIC Computer Science Department. His current research interests include (1) public policy and legal problems relating to computer security and privacy, and (2) problems at the boundary of theoretical computer science and artificial intelligence, especially knowledge representation.

Unauthorized access to online information costs billions of dollars per year. Software vulnerabilities are a key. Software currently contains an unacceptable number of vulnerabilities. The standard solution notes that the typical software business strategy is to keep costs down and be the first to market even if that means the software has significant vulnerabilities. Many endorse the following remedy: make software developers liable for negligent or defective design. This remedy is unworkable. We offer an alternative based on an appeal to product-risk norms. Product-risk norms are social norms that govern the sale of products. A key feature of such norms is that they ensure that the design and manufacture of products impose only acceptable risks on buyers. Unfortunately, mass-market software sales are not governed by appropriate product-risk norms; as result, market conditions exist in which sellers profitably offer vulnerability-ridden software. This analysis entails a solution: ensure that appropriate norms exist. We contend that the best way to do so is a statute based on best practices for software development, and we define the conditions under which the statute would give rise to the desired norm. Why worry about creating the norm? Why not just legally require that software developers conform to best practices. The answer is that enforcement of legal’s requirement can be difficult, costly, and uncertain; once the norm is in place, however, buyers and software developers conform on their own initiative.

A few months after the important resolution that will allow the city to take advantage of a free Wi-Fi with 1200 free hotspots, distributed throughout the city, Milan decided to “bet” on another aspect of crucial importance within the Digital Agenda: the Open Data project. A digital city, in fact, is “Open Data”, which means to make available online all the data produced by the municipality so that anyone can use them for innovative public and private ideas (e.g. data on transport, environment, on waste, parking, hours of shops and much more). The Mayor, Giuliano Pisapia, will open the meeting, supported by the Tech Law Center, the Nexa Center for Internet & Society, Topix and sponsored by the city of Milan. During the event, the first projects undertaken by young programmers to improve the online services of the City of Milan will be presented and a permanent working group on research and analysis on Open Data will be created.

The programme of the event is available here.

The press review of the event is available here.

• date: May 9, 2011

Every new advance in computing technology brings about cries of doom from forensics practitioners. Each step forward for computing will inevitably bring about the end of our discipline and allow computer criminals to operate with impunity, they say. This attitude mirrors what science fiction authors have called the “technological singularity” – a point of technological advancement so rapid that the “future” becomes nearly impossible to predict. In this talk, I will discuss current and near-future trends and advances in cloud & mobile computing and digital storage which may mark the end of traditional “computer” forensics, while making the role of modern “digital” forensics even more important.

Guest speaker: Mr. Cory Altheide (Security Engineer, Forensics & Incident Response, Google Inc)
Workshop co-chairs: Giuseppe Vaciago (University of Milan -Bicocca) and Stefano Zanero (Polytechnic of Milan)
Morning Program (Aula Magna del Rettorato of Polytechnic of Milan)
9.00– 12.00– Workshop. List of participants: Cory Altheide (Google) Carlo Blengino (Lawyer of Turin Bar), Francesca Bosco (UNICRI – Project Officer, Emerging Crimes Unit), Elia Florio (Data Protection Authority), Roberto Flor (University of Verona – Faculty of Law), David Gabrini (Postal Police), Rodrigo Rodriguez (ATOS Research), Monica Senor (Lawyer of Turin), Giuseppe Vaciago (University of Milan -Bicocca – Faculty of Law) and Stefano Zanero (Polytechnic of Milan).

Summary of the workshop – link
Video of the lecture – link
Afternoon Program (Aula De Donato – Polytechnic of Milan)
14.30 – Welcome address by Rector of Politecnico
15.00 – Cory Altheide – The Death Of Computer Forensics: Digital Forensics After the Singularity

• date: June 22, 2011

The Data Liberation Front is an engineering team at Google whose goal is to make it easier for users to move their personal information and data in and out of Google products. This project is based on the key principle of user control: users should be able to export any data that they create in (or import into) a product, there shouldn’t be an additional charge (in terms of costs, but also of time spent) to export user data, and all information required to move these data should be available and transparent. The Data Liberation Front is an ongoing project, since it constantly helps and consults other engineering teams withing Google on how to “liberate” their products

Guest speaker: Mr Brian Fitzpatrick (Data Liberation Front Engineergin Manager)
Workshop co-chairs: Giuseppe Vaciago (University of Milan -Bicocca) Stefano Zanero (Polytechnic of Milan)
Morning Program (Aula Magna del Rettorato – Polytechnic of Milan)
9.00 – 12.00– A workshop for a maximum of 15 people invited by the scientific coordinator. Each person should prepare an oral argument, question or position to share with the other participants, analysing the principles of openness and user control that are at the very basis of the Data Liberation Front project and their impact in terms of both privacy and competition.

Afternoon Program (Aula Magna – Polytechnic of Milan)
14.30 – Welcome address by Rector of Polytechnic of Milan
15.00 – Brian Fitzpatrick – The Data Liberation Front and Google’s Commitment to the Open Web
16.30 – Stefano Ricci (University of Milan -Bicocca) – Legal Aspects of Data Control

• date: October 27, 2011

Symantec has announced the publication of its Intelligence Report for September 2011. The data shows a significant growth in the amount of malware sent by e-mail, of which approximately 72% could potentially be polymorphic malware, identified for the first time in July. At the end of July, the amount of malware sent totaled 23.7%. It then dropped to 18.5%  in August only to spike to 72%  in September. Antonio Forzieri, the Security Practice Manager, will describe the recent report in detail and provide the forecast for the next year. In terms of malware, the recent Staatstrojaner case generated an uproar in Germany because of the devastating effects that it could have on the privacy of private citizens. Nevertheless, the Diginotar case makes the problem of finding an immediate response to potential attacks on a country’s critical infrastructure a pressing issue. Francesca Bosco, a Project Officer at UNICRI, will speak about the most relevant international cases and possible contrasting strategies.

Guest speakers: Antonio Forzieri (Security Practice Manager at Symantec) and Francesca Bosco – Project Officer-Emerging Crimes Unit
Program (Aula De Donato – Polytechnic of Milan)
15.00 – Antonio Forzieri – Security Practice Manager at Symantec - Symantec Intellicence Report 2011
15.45 – Francesca Bosco – Project Officer-Emerging Crimes Unit - New challenges for Cybersecurity: Internet for Peace or for War?