Reference : L'IA applicata all'analisi dei metadati: un'alternativa alla rottura della crittograf...
Parts of books : Contribution to collective works
Law, criminology & political science : Multidisciplinary, general & others
L'IA applicata all'analisi dei metadati: un'alternativa alla rottura della crittografia per le autorità di contrasto alla criminalità
[en] The normative challenges of AI surveillance in the analysis of encrypted IoT-generated data for law enforcement purposes
Neroni Rezende, Isadora mailto []
Chiara, Pier Giorgio mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI VDT >]
Nuove Questioni di Informatica Forense
[en] New Issues in Digital Forensics
Brighi, Raffaella mailto
Aracne editrice
Informatica Giuridica
[en] Metadata ; AI ; Encryption
[en] This paper explores the normative challenges of digital security technologies i.e., end-to-end (E2E) encryption and metadata analysis, in particular in the context of law enforcement activities. Internet of Things (IoT) devices embedded in smart environments (e.g., smart cities) increasingly rely on E2E encryption in order to safeguard the confidentiality of information and uphold individuals’ fundamental rights, such as privacy and data protection. In November 2020, the Council of the EU published a resolution titled “Encryption – Security through encryption and security despite encryption”. The resolution seeks to ensure the ability of security and criminal justice authorities to access data in a lawful and targeted manner. Nonetheless, in the context of pre-emptive surveillance and criminal investigations, E2E encryption renders the analysis of the content of communications extremely challenging or practically impossible, even when access to data could be lawful.
Here, two different layers of complexity seem to emerge. They concern: (i) whether a balance between the values protected by E2E encryption and the aims of law enforcement can be attained; (ii) whether state-of-the-art AI models can preserve the advantages of E2E encryption, allowing for inferences of valuable information from communication traffic, with the aim of detecting possible threats or illicit content.
Against this backdrop, we firstly examine whether AI algorithms, such as Machine Learning and Deep Learning, might be part of the solution, especially when it comes to data-driven and statistical methods for applying classification in encrypted communication traffic so as to infer sensitive information about individuals. Secondly, we consider the possible uses of AI tools in the analysis of IoT-generated data in smart cities scenarios, focusing on metadata analysis. We explore whether that AI-based classification of encrypted traffic can circumscribe the scope of law enforcement monitoring operations, in compliance with the European surveillance case-law. Finally, as far as our research focus is concerned, we discuss how the use of AI bears the potential of smoothing traditional trade-offs between security and fundamental rights, allowing for encrypted traffic analysis without breaking encryption.
H2020 ; 814177 - LAST-JD-RIoE - Law, Science and Technology Joint Doctorate: Rights of the Internet of Everything

File(s) associated to this reference

Fulltext file(s):

Open access
NeroniRezende_Chiara_NuoveQuestionidiInformaticaForense.pdfPublisher postprint1.87 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.