Session:Wifi4EU - broken by technical specifications
|Description||With the Wifi4EU programm the EU is planning to spend 100 million € by 2020 to subsidise a centralized surveillance infrastructure for centers of public life in the EU. The talk will lay out how Wifi4EU is supposed to work both administratively and technically, where there are problems with the later and what is and can be done about it.|
|Language||en - English |
en - English
|Starts at||2019/08/23 14:00|
|Ends at||2019/08/23 14:55|
With the Wifi4EU programm the EU is planning to spend 100 million € by 2020 to subsidise a centralized surveillance infrastructure for centers of public life in the EU. The talk will lay out how Wifi4EU is supposed to work both administratively and technically, where there are problems with the later and what is and can be done about it.
With the Wifi4EU programm  the EU is planning to subsidies the installation of free Wi-Fi with 120 million € until 2020. The installations are planned to be "... free of charge, free of advertising and free from commercial re-use of data. ..."  and aim "... to equip every European village and every city with free wireless internet access around the main centres of public life. ..." 
Unfortunately the technical specifications implemented in the first call on the 7th - 9th of November 2018  and the second call on the 4th- 5th of April 2019  tell a different story. So far 93 Million € are planned to be spend in a flawed design.
Amongst other problems they include:
".. requirements for a centralized authentification infrastructure - like eduroam  (FAQ 23),inherent IT security problems - embedded snippets in the captive portals  (FAQ 26) and proprietary standards - hotspot 2.0.  (FAQ 27) ..."
Following a talk at the Wireless Community Weekend 2018 in May 2018  and the 35c3 refreshing memories  talk will include:
- a short introduction to the programm, - how it came to be, - what happend so far - the implications of the programm - what can be done to fix things.
Besides contacting the european comission, several members of the european parlament and Klaus Landefeld of the eco  we were able to get members of the german Bundestag to get interested in the issue . This led to a "schriftliche Anfrage" towards the Bundesregierung regarding the GDPR compliance of the authentification infrastructure, the situation is currently evolving.
Futhermore an open letter  to the european data protection supervisor (EDPS) Giovanni Buttarelli  was answered and included the following passage:
"... The EDPS was not consulted in this context. From a technical perspective, an open and secure WiFi network does not in principle require any form of user registration and authentication, in line with the principle of data minimisation. ..."
Unfortunatley the inquiry by the EDPS towards the european comission was not answered at the 29th of May 2019.
The talk aims to inform about the current state of affairs and hoefully foster a discussion during the congress what can and should be done to prohibit the creation of yet another surveillance infrastructure and what a desirable public Wi-Fi infrastructure should look like.
 https://ec.europa.eu/digital-single-market/en/wifi4eu-free-wi-fi-europeans  https://europa.eu/rapid/press-release_IP-18-2065_en.htm  https://ec.europa.eu/digital-single-market/en/news/preliminary-results-first-wifi4eu-call  https://ec.europa.eu/digital-single-market/en/news/preliminary-results-second-wifi4eu-call  https://ec.europa.eu/digital-single-market/en/wifi4eu-questions-and-answers  https://www.youtube.com/watch?v=YbPpK8_X9Qg  https://fahrplan.chaos-west.de/35c3chaoswest/talk/K39NLS/  https://media.ccc.de/v/35c3chaoswest-52-wifi4eu-broken-by-technical-specification  https://international.eco.de/people/klaus-landefeld/  https://twitter.com/jimmyschulz/status/1060210780992356352  http://jimmy-schulz.de/2018/12/14/offener-brief-datenschutz-und-das-wifi4eu-projekt/  http://jimmy-schulz.de/wp-content/uploads/2019/02/19-02-07-Letter-Schulz-2018-0327-D-228-002.pdf