Tag Archives: Threat Intelligence

Blockchain Regulatory Framework, Legal Challenges and the Financial Industry

Blockchain Regulatory Framework, Legal Challenges and the Financial Industry

Camille Madec

Introduction

In order to stay competitive, financial industry must seize the opportunities of the on-going technological disruption, and particularly with the recent so-called blockchain innovation when some argue that this new technology has the potential to replace banks as financial intermediaries for transfer and exchanges of money. In this transitional context, financial sector could face new cybersecurity risks, with sophisticated attacks, which eventually call for a renewed regulation framework. Here the financial sector means banks, insurers, asset managers, and advisory firms.

Blockchain can be defined as “a peer-to-peer operated public digital ledger that records all transactions executed for a particular asset (…) The Blockchain maintains this record across a network of computers, and anyone on the network can access the ledger. Blockchain is ‘decentralised’ meaning people on the network maintain the ledger, requiring no central or third party intermediary involvement. […] Users known as ‘miners’ use specialized software to look for these time stamped ‘blocks’, verify their accuracy using a special algorithm, and add the block to the chain. The chain maintains chronological order for all blocks added because of these time-stamps.” (Alderman, 2015)

Hence, Blockchain, well known through the so-called bit coin, could open much more perspective and should guaranty security and the validation of all the exchange of data. In addition to open room for new business opportunities, this new technology could disrupt the legal conception of privacy, intellectual property right, and presents some issues regarding financial institution accountability given the new associated risks. As a consequence while financial institutions have been under strengths by the new regulatory requirements in the aftermath of the 2008 financial crisis, they might see their accountability rises again to address cybersecurity risks and associated prejudices related to blockchain innovation.

This paper explains how business compliance to new cyber regulatory framework is a strategic issue for financial institutions. It presents the financial institutions specific data profile and linked eventual collateral damages. It highlights blockchain innovation opportunities and associated new cybercrime challenges. It describes the current European regulatory framework and legal accountability scenarios. It then finally supports the hypothesis of cyber compliance as a corporate competitive advantage and maps out some elements
of potential recommendations to strengthen cybersecurity resilience.

Read the full strategic report here: regulatory compliance and cybersecurity

References

Alderman, P. (2015). Blockchain –emerging legal issues. Lexology, Global.

Privacy on the Internet: a sweet dream?

 Privacy on the Internet: a sweet dream?

Quentin Jaubert, Adrien Zamora

Introduction

Big Brother is watching you” wrote Georges Orwell. In this groundbreaking book, Orwell describes a society in which the officials know everything that would happen inside the country by performing an omnipresent surveillance over the inhabitants. Today’s police forces and secret services own a numerous number of surveillance tools such as biometry, chips, facial recognition, localization that allow them to become very intrusive security forces. But the “policing” has now also become the property of major private companies (social media platforms, search engines, telecommunication carriers etc). A funny way of rethinking Orwell’s quote in our modern world would be: “Big Browser is watching you”.

There was a time where people had their privacy. One could go shopping when exiting the office, buy several stuffs in cash, go back home, close the doors and curtains, and run their private life. That was it. But privacy has evolved over time. If “privacy” can be defined as a “right to be let alone” (Warren and Brandeis, 1890), or even “the right to prevent the disclosure of personal information to others” (Westin, 1968), the concept has recently taken a multidimensional nature regarding “information, accessibility and expression” (Decew, 1997), and with the rise of the Internet, technology has created new privacy issues (Austin, 2003) which lead us to wonder: is online privacy a sweet dream?

In order to understand the issues linked to our online privacy and generate insights from it, we adopted the following method:

How has the privacy concept evolved with the appearance of the Internet?

In such a connected world, should we/can we protect our privacy? If yes, how?

Where will we be standing in the next 5, 10, 20 years? Will “online privacy” ever mean anything in the next decades?

Read the full strategic report here: privacy on the internet: a sweet dream?

References

Austin, L. (2003). Privacy and the Question of Technology. Law and Philosophy, 22(2), 119-166.

DeCew, J. W. (1997). In pursuit of privacy: Law, ethics, and the rise of technology. Cornell University Press.
Orwell, G. (2009). Nineteen eighty-four. Everyman’s Library.
Warren, S. D., & Brandeis, L. D. (1890). The right to privacy. Harvard law review, 193-220.
Westin, A. F. (1968). Privacy and freedom. Washington and Lee Law Review, 25(1), 166.

A Strategic Approach to the Tor Network

A Strategic Approach to the Tor Network

Why should firms go dark?

François Courset,­ Margot Favennec, Candice Hamou

Abstract:

The dark web should be considered by companies for various reasons. It offers a large panel of useful tools that can be crucial for negotiation or security. Moreover, even if it can appear as a niche network, opening an onion version of the companies’ websites might help them to boost their image. It can also bring new users to the website, users that usually cannot reach it because of censorship issues. Finally, we have seen new emerging trends related to the dark web. The Tor network might be seen in the future as a guarantee of security online but it can also deeply change the way data are used. Taking into consideration the dark web, not only as a place of illegal activities, but also as a new channel with its own opportunities and constraints is thus essential for all decision-­makers.

Introduction: For the Web is dark, and full of terrors?

The Dark Web has been fascinating and fueling the imagination of many Internet users for a few years now. The collective art group Mediengruppe Bitnik even created a Random Darknet Shoper, a bot which bought a random object from the darknet market place Agora and then sent it to the two artists in charge of the project. This artistic project, aiming at debunking consumerism, showed yet that drugs are not the only things you can find on the Dark Net. You can also find everything you buy in the “clean world”, and buy these with a refund service -­ the two artists received a refund for a bag that was no longer available.

The Dark Web, instead of being the place gathering the worst side of humanity (drugs, pedophilian contents…) could also thus be a place where a real economy grows and prospers.

That’s why the following question deserves to be asked: can the Dark Web be profitable for firms then? Could a reliable “dark” business model exists and could the dark web be used as a almost regular tool to increase a firm’s profit?

First things first, the Dark Web is often misperceived among the global population since the media hype mainly focuses on scandals such as Silk Road’s. This tends to depict it as a place where you can find barely anything illegal, from drugs to hitmen. Yet the Dark Web is not only about illegal traffic. It is much more than that. What’s more, a distinction has to be made, a distinction that is far to often forgotten or neglected. As shown by the two pictures you will find in the report (page 3), there are different levels beneath the “Surface Web” we all know. First comes the “Deep Web”, where you can find many reports, storage datas, and again underneath this Deep Web comes the “Dark Web”, where all communications are encrypted. Now let’s clarify what each term means:

Deep Web: information not accessible with a regular search engine. It is a Web concept regarding search engine (Bergman, 2001).

DarkNet = Dark Web = Tor = information not accessible with a regular search engine or a browser.

The Deep Web has a far larger content that the Surface Web: 1GO of indexed page versus 550GO of deep web page and 19TB of indexed content versus 7500 TB of deep web content, to quote only but a few numbers from a recent study. To be really thorough, Dark Nets are all the overlay networks on the Deepweb, and Dark Web is the content of some Darknets. Thus one DarkWeb may be considered as a small portion of Deep Web. Deep Web and DarkWeb are very often confond, yet they are not the same!

We chose to focus on Tor since this is what most people use to get into Darknets and to browse the Web anonimously. Tor enables you to protect your privacy while looking at any webcontent, and from our point of view, this is one crucial asset for a business model based on the use of Darknets. In the wake of the growing yearn for privacy and of protest against wild data collection, Tor is definitely something firms should get interested in.

The following report assess the strategic value of Tor for businesses. Read the full report here: A Strategic Approach to the Tor Network

References

Bergman, M. K. (2001). White paper: the deep web: surfacing hidden value. Journal of electronic publishing, 7(1).