Martina F. Ferracane, profile picture
Uploaded byMartina F. Ferracane
PDF, PPTX158 views

DATA FLOWS & NATIONAL SECURITY

This document outlines a presentation on data flows and national security given by Martina Ferracane. It discusses how restrictions on data flows relate to the GATS security exception and assesses how data flows impact national security concerns like cyber espionage, attacks on critical infrastructure, and terrorist threats. The presentation concludes that determining whether data flow restrictions are justified requires analyzing each case based on the security threat picture and alternative technological options.

Internet
Related topics:
National Security

Embed presentation

Download as PDF, PPTX
D A TA F L O W S & N A T I O N A L S E C U R I T Y A C O N C E P T U A L F R A M E W O R K T O A S S E S S R E S T R I C T I O N S O N D A TA F L O W S U N D E R G A T S S E C U R I T Y E X C E P T I O N M A R T I N A F R A N C E S C A F E R R A C A N E R E S E A R C H F E L L O W A T C A L I F O R N I A I N T E R N A T I O N A L L A W C E N T E R L U N C H S E M I N A R 8 F E B R U A RY 2 0 1 8
O U T L I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S O U T L I N E
- WTO: World Trade Organisation - 95% world trade - GATS: General Agreement on Trade in Services - Exceptions: data privacy, national security, etc. - Dispute Settlement Understanding B A C K G R O U N D I N F O
Restrictions on data flows: do they constitute a restriction on trade in services? Yes No B A C K G R O U N D I N F O —> Need for new language —> GATS applies What if a country challenged a measure restricting data flows under the WTO?
1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S O U T L I N E
R E S T R I C T I O N S O N D A TA F L O W S Source: Ferracane (2017)
Source: Digital Trade Estimates Database - ECIPE R E S T R I C T I O N S O N D A TA F L O W S
1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S O U T L I N E
G A T S A R T. X I V b i s 1. Nothing in this Agreement shall be construed: (a) to require any Member to furnish any information, the disclosure of which it considers contrary to its essential security interests; or (b) to prevent any Member from taking any action which it considers necessary for the protection of its essential security interests: (i) relating to the supply of services as carried out directly or indirectly for the purpose of provisioning a military establishment; (ii) relating to fissionable and fusionable materials or the materials from which they are derived; (iii) taken in time of war or other emergency in international relations; or (c) to prevent any Member from taking any action in pursuance of its obligations under the United Nations Charter for the maintenance of international peace and security. (…)
O U T L I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S N A T I O N A L S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T A T TA C K 5. C O N C L U S I O N S
C Y B E R E S P I O N A G E Source: https://goo.gl/images/5Pa7Pq
Source: http://resources.infosecinstitute.com/recognize-phishing-emails/#gref
C Y B E R E S P I O N A G E - Legal analysis: - International Customary Law (Tallinn Manual 2.0) - National Laws (in particular, US law —> FISA, Executive Order 12,333 of 1981, but also PRISM and downstream collection) - In summary, data not might be legally better protected when it is stored locally in the country of origin - Technical analysis: - Harder to access data in certain cases but other forms of access remain available (phishing, hardware back-doors, etc)
O U T L I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E 1. Definition of critical infrastructure 2. Legally: no difference 3. Technically: certain attacks can become more costly 4. Risk of attack might also increase
O U T L I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
T E R R O R I S T T H R E A T S - Frustrating delay of MLATs - Copy of data would be enough - Only threats within the country - Privacy vs Security
O U T L I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
C O N C L U S I O N S - Case-by-case basis - Scope of the measure (sector, type of data, etc) - Threat picture of the country - Alternative technological solutions
M A R T I N A F R A N C E S C A F E R R A C A N E E M A I L : M A R T I N A . F E R R A C A N E @ G M A I L . C O M THANK YOU!

More Related Content

PDF
Manufacturing the future: Industry 4.0
byMartina F. Ferracane
 
PDF
INCLUSIVE TRADE: THE RISE OF FAB LABS
byMartina F. Ferracane
 
PDF
South Africa & Data Flows
byMartina F. Ferracane
 
PDF
Will 3D Printing change everything?
byMartina F. Ferracane
 
PDF
In pursuit of messaging broker(s)
byDavid Gevorkyan
 
PDF
Help Ukraine
byNastyaTsaruk
 
PDF
AUA Data Science Meetup
byDavid Gevorkyan
 
PDF
How GZIP compression works - JS Conf EU 2014
byRaul Fraile
 
Manufacturing the future: Industry 4.0
byMartina F. Ferracane
 
INCLUSIVE TRADE: THE RISE OF FAB LABS
byMartina F. Ferracane
 
South Africa & Data Flows
byMartina F. Ferracane
 
Will 3D Printing change everything?
byMartina F. Ferracane
 
In pursuit of messaging broker(s)
byDavid Gevorkyan
 
Help Ukraine
byNastyaTsaruk
 
AUA Data Science Meetup
byDavid Gevorkyan
 
How GZIP compression works - JS Conf EU 2014
byRaul Fraile
 

What's hot

PDF
Codecademy Live QA Presentation
byJames Kim
 
PDF
WWDC 2019 Cheatsheet
byWanbok Choi
 
PDF
TLN presentatie 4 juni 2015
byMirror Wise
 
PPTX
June 29, 2020 TARC Virtual Meeting
byMiami-Dade Transportation Planning Organization
 
PPTX
EAC Students' Thoughts on Reading Workshop
byMegan Kuemmerlin
 
PDF
Fashion Guidelines
bySaad Lemgaddar
 
PDF
SEO: A Crash Course | What is SEO in 2015? An Ethoseo™ Presentation
byDamien Wright
 
PDF
Trends, organisatie impact en social media presentatie
byMirror Wise
 
PDF
In de weerd presentatie social media
byMirror Wise
 
PPTX
Manejo de redes
byAndreaGuadalupeAceve
 
PPTX
Will 3D printing change everything?
byMartina F. Ferracane
 
PDF
weathermusic_final
bybomi song
 
PDF
Tournament trends 2018
bySSRS Market Research
 
PDF
Upgrading OpenStack? Avoid these 3 Common Pitfalls
byPlatform9
 
PDF
Test quick, build smart, be awesome
byWP&UP
 
PDF
Blue Moon - Advertising Plan (Group Project)
bySam Cheema
 
PDF
California Science Center (USC CSCI 588)
bySunny Chiu
 
PDF
Professional History
byAleksandra Kostadinovic
 
PPTX
Managing a Crisis in the New World of Social Media
byali Bullock
 
PDF
Thinking Outside the Book KPR
bylrougeux
 
Codecademy Live QA Presentation
byJames Kim
 
WWDC 2019 Cheatsheet
byWanbok Choi
 
TLN presentatie 4 juni 2015
byMirror Wise
 
June 29, 2020 TARC Virtual Meeting
byMiami-Dade Transportation Planning Organization
 
EAC Students' Thoughts on Reading Workshop
byMegan Kuemmerlin
 
Fashion Guidelines
bySaad Lemgaddar
 
SEO: A Crash Course | What is SEO in 2015? An Ethoseo™ Presentation
byDamien Wright
 
Trends, organisatie impact en social media presentatie
byMirror Wise
 
In de weerd presentatie social media
byMirror Wise
 
Manejo de redes
byAndreaGuadalupeAceve
 
Will 3D printing change everything?
byMartina F. Ferracane
 
weathermusic_final
bybomi song
 
Tournament trends 2018
bySSRS Market Research
 
Upgrading OpenStack? Avoid these 3 Common Pitfalls
byPlatform9
 
Test quick, build smart, be awesome
byWP&UP
 
Blue Moon - Advertising Plan (Group Project)
bySam Cheema
 
California Science Center (USC CSCI 588)
bySunny Chiu
 
Professional History
byAleksandra Kostadinovic
 
Managing a Crisis in the New World of Social Media
byali Bullock
 
Thinking Outside the Book KPR
bylrougeux
 

Similar to DATA FLOWS & NATIONAL SECURITY

PDF
Cybersecurity: Dos and Dont's
byMartina F. Ferracane
 
PPTX
How your nonprofit can avoid data breaches and ensure privacy
byTechSoup Canada
 
PPTX
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
byDawn Yankeelov
 
PDF
Advanced Information Security — Understanding Modern Threats, Attacks & Defenses
byArooj Fatima
 
PDF
American Bar Association guidelines on Cyber Security standards
byDavid Sweigert
 
PPTX
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
byBrian K. Dickard
 
PPTX
The Patriot Act and Cloud Security - Busting the European FUD
byResilient Systems
 
PPTX
Webinar 2.1 - Network protection and devices.pptx
byRoyMurillo4
 
PPTX
Cyber crime
byAman Raj
 
PPTX
Info leakage 200510
byProf John Walker FRSA Purveyor Dark Intelligence
 
PPTX
Transforming our Nation’s Information Sharing
byICJIA Webmaster
 
PDF
Changing Domains - The Cyber Info Realm 2023.pdf
byBenjamin Ang
 
PDF
C-Suite Guide to Cybersecurity
byMICHAEL MOSHIRI
 
PDF
Cybersecurity Rubicon: Emerging Threats
byKagrati3972
 
PDF
Ley CISPA
byPedro A. Barrera C. (PtrColombia - PedroBCarrillo)
 
PDF
Anatomy Of A Breach: The Good, The Bad & The Ugly
byResilient Systems
 
ODP
Network security Topic 2 overview continued
byKhawar Nehal khawar.nehal@atrc.net.pk
 
PDF
Rapid7 Report: Data Breaches in the Government Sector
byRapid7
 
PPTX
CyberSecurityPPT TOPAZ holiday homework.pptx
bysurenderSingh12254
 
PPTX
Information Security BY DR.NURUL HUDA NIK ZULKIPLI VISITING LECTURER FROM UNI...
byGaluhPt
 
Cybersecurity: Dos and Dont's
byMartina F. Ferracane
 
How your nonprofit can avoid data breaches and ensure privacy
byTechSoup Canada
 
TALK Cybersecurity Summit 2017 Slides: Robert Brown, Attorney, Lynch Cox, Gi...
byDawn Yankeelov
 
Advanced Information Security — Understanding Modern Threats, Attacks & Defenses
byArooj Fatima
 
American Bar Association guidelines on Cyber Security standards
byDavid Sweigert
 
There's a Crippling Cyber Attack Coming Your Way! Are we prepared to stop it?
byBrian K. Dickard
 
The Patriot Act and Cloud Security - Busting the European FUD
byResilient Systems
 
Webinar 2.1 - Network protection and devices.pptx
byRoyMurillo4
 
Cyber crime
byAman Raj
 
Info leakage 200510
byProf John Walker FRSA Purveyor Dark Intelligence
 
Transforming our Nation’s Information Sharing
byICJIA Webmaster
 
Changing Domains - The Cyber Info Realm 2023.pdf
byBenjamin Ang
 
C-Suite Guide to Cybersecurity
byMICHAEL MOSHIRI
 
Cybersecurity Rubicon: Emerging Threats
byKagrati3972
 
Ley CISPA
byPedro A. Barrera C. (PtrColombia - PedroBCarrillo)
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
byResilient Systems
 
Network security Topic 2 overview continued
byKhawar Nehal khawar.nehal@atrc.net.pk
 
Rapid7 Report: Data Breaches in the Government Sector
byRapid7
 
CyberSecurityPPT TOPAZ holiday homework.pptx
bysurenderSingh12254
 
Information Security BY DR.NURUL HUDA NIK ZULKIPLI VISITING LECTURER FROM UNI...
byGaluhPt
 

More from Martina F. Ferracane

PDF
Reglamento General de Protección de Datos
byMartina F. Ferracane
 
PDF
Designing regulation for the future
byMartina F. Ferracane
 
PDF
Digital Trade Restrictions in South Africa
byMartina F. Ferracane
 
PDF
Trade and Growth in the Digital Era
byMartina F. Ferracane
 
PDF
The Geopolitics of Internet Taxation: Is digitalisation eroding the corporate...
byMartina F. Ferracane
 
PDF
ITA: What's next?
byMartina F. Ferracane
 
PDF
Digital Trade Estimates Project
byMartina F. Ferracane
 
PDF
Digital Trade Estimates Project
byMartina F. Ferracane
 
PDF
Digital Trade Estimates Project
byMartina F. Ferracane
 
PDF
Data Localisation Trends
byMartina F. Ferracane
 
PDF
Data localisation and data security
byMartina F. Ferracane
 
PDF
DIY microscope
byMartina F. Ferracane
 
PDF
Fab Labs: a global network for local entrepreneurship
byMartina F. Ferracane
 
PDF
ISDS: The European Proposal of an Investment Court System
byMartina F. Ferracane
 
PDF
ISDS in APEC region the record
byMartina F. Ferracane
 
PDF
Experiencing a FabLab
byMartina F. Ferracane
 
PDF
Bio-hacking
byMartina F. Ferracane
 
Reglamento General de Protección de Datos
byMartina F. Ferracane
 
Designing regulation for the future
byMartina F. Ferracane
 
Digital Trade Restrictions in South Africa
byMartina F. Ferracane
 
Trade and Growth in the Digital Era
byMartina F. Ferracane
 
The Geopolitics of Internet Taxation: Is digitalisation eroding the corporate...
byMartina F. Ferracane
 
ITA: What's next?
byMartina F. Ferracane
 
Digital Trade Estimates Project
byMartina F. Ferracane
 
Digital Trade Estimates Project
byMartina F. Ferracane
 
Digital Trade Estimates Project
byMartina F. Ferracane
 
Data Localisation Trends
byMartina F. Ferracane
 
Data localisation and data security
byMartina F. Ferracane
 
DIY microscope
byMartina F. Ferracane
 
Fab Labs: a global network for local entrepreneurship
byMartina F. Ferracane
 
ISDS: The European Proposal of an Investment Court System
byMartina F. Ferracane
 
ISDS in APEC region the record
byMartina F. Ferracane
 
Experiencing a FabLab
byMartina F. Ferracane
 
Bio-hacking
byMartina F. Ferracane
 

DATA FLOWS & NATIONAL SECURITY

  • 1.
    D A TAF L O W S & N A T I O N A L S E C U R I T Y A C O N C E P T U A L F R A M E W O R K T O A S S E S S R E S T R I C T I O N S O N D A TA F L O W S U N D E R G A T S S E C U R I T Y E X C E P T I O N M A R T I N A F R A N C E S C A F E R R A C A N E R E S E A R C H F E L L O W A T C A L I F O R N I A I N T E R N A T I O N A L L A W C E N T E R L U N C H S E M I N A R 8 F E B R U A RY 2 0 1 8
  • 2.
    O U TL I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
  • 3.
    1. B AC K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S O U T L I N E
  • 4.
    - WTO: WorldTrade Organisation - 95% world trade - GATS: General Agreement on Trade in Services - Exceptions: data privacy, national security, etc. - Dispute Settlement Understanding B A C K G R O U N D I N F O
  • 5.
    Restrictions on dataflows: do they constitute a restriction on trade in services? Yes No B A C K G R O U N D I N F O —> Need for new language —> GATS applies What if a country challenged a measure restricting data flows under the WTO?
  • 6.
    1. B AC K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S O U T L I N E
  • 7.
    R E ST R I C T I O N S O N D A TA F L O W S Source: Ferracane (2017)
  • 8.
    Source: Digital TradeEstimates Database - ECIPE R E S T R I C T I O N S O N D A TA F L O W S
  • 9.
    1. B AC K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S O U T L I N E
  • 10.
    G A TS A R T. X I V b i s 1. Nothing in this Agreement shall be construed: (a) to require any Member to furnish any information, the disclosure of which it considers contrary to its essential security interests; or (b) to prevent any Member from taking any action which it considers necessary for the protection of its essential security interests: (i) relating to the supply of services as carried out directly or indirectly for the purpose of provisioning a military establishment; (ii) relating to fissionable and fusionable materials or the materials from which they are derived; (iii) taken in time of war or other emergency in international relations; or (c) to prevent any Member from taking any action in pursuance of its obligations under the United Nations Charter for the maintenance of international peace and security. (…)
  • 11.
    O U TL I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S N A T I O N A L S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T A T TA C K 5. C O N C L U S I O N S
  • 12.
    C Y BE R E S P I O N A G E Source: https://goo.gl/images/5Pa7Pq
  • 13.
  • 15.
    C Y BE R E S P I O N A G E - Legal analysis: - International Customary Law (Tallinn Manual 2.0) - National Laws (in particular, US law —> FISA, Executive Order 12,333 of 1981, but also PRISM and downstream collection) - In summary, data not might be legally better protected when it is stored locally in the country of origin - Technical analysis: - Harder to access data in certain cases but other forms of access remain available (phishing, hardware back-doors, etc)
  • 16.
    O U TL I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
  • 17.
    C Y BE R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E 1. Definition of critical infrastructure 2. Legally: no difference 3. Technically: certain attacks can become more costly 4. Risk of attack might also increase
  • 18.
    O U TL I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
  • 19.
    T E RR O R I S T T H R E A T S - Frustrating delay of MLATs - Copy of data would be enough - Only threats within the country - Privacy vs Security
  • 20.
    O U TL I N E 1. B A C K G R O U N D I N F O 2. R E S T R I C T I O N S O N D A TA F L O W S 3. G A T S S E C U R I T Y E X C E P T I O N 4. D A TA F L O W S & N A T I O N A L S E C U R I T Y • C Y B E R E S P I O N A G E • C Y B E R A T TA C K O N C R I T I C A L I N F R A S T R U C T U R E • T E R R O R I S T T H R E A T S 5. C O N C L U S I O N S
  • 21.
    C O NC L U S I O N S - Case-by-case basis - Scope of the measure (sector, type of data, etc) - Threat picture of the country - Alternative technological solutions
  • 22.
    M A RT I N A F R A N C E S C A F E R R A C A N E E M A I L : M A R T I N A . F E R R A C A N E @ G M A I L . C O M THANK YOU!