Luca Mastrogregori (Head of eProcurement Strategies Department, Consip, Italy), the moderator of the session, introduced the main topics: a trip in Public Procurement through eProcurement, the opportunities and obstacles in using Open Data in Public Procurement and the role of ethics in it.

Nitya Karmakar (Macquarie University, Sidney) talked about ethical principles and rules in a business environment. He showed the ethical decision making model called Utilitarianism, where the proper course of action is the one that maximize utility. He stressed the importance of  having a transparent business and more uniform government legislation. He said that from a technological point of view, we needed a higher level of security, while from a social point of view, we need an easy-to-use,  low-cost model.

Roberto De Riccardis (Lombardia Informatica) showed  an experience of Public Procurement and use of Open Data in Italy, taking the example of Lombardy Region. Last year, in fact, the region promoted a contest to create mobile apps that use regional Open Data taken from a dedicated portal. Using Open Data in public procurement requires a better regulation: there is the need of boost transparency by making standards. Besides that, there are different obstacles to the use of Open Data in public administration, such as the non-mandatory nature of documentation and the difficulty of sharing some data due to privacy issues.

According to Augusto Coriglioni (Chairman Information Technology & Delegate for Research and Innovation, UNINDUSTRIA), technology is not an issue, but more an opportunity, a value. He also stressed out the need of a change in bureaucracy in order for the public to gain trust in public procurement. Public procurement is not a matter of cost of innovation, but more about the cost of not innovating. Government and enterprises must talk because they have to share rules.

Diego Bravar (Chairman & CEO, TBS Group, Italy) brought us the TBS experience, one of the first worldwide companies having a database with the medical equipment prices from all the hospitals.

Another sector related to Public Procurement is the educational one, as we see in the talk of Carlo Parmeggiani (Director Public Sector – South Europe, Intel, Italy). According to Intel’s experience, we should put public procurement in a digital way in order to bring technology into the public education.

In conclusion, we are only at the beginning of the process of Open Data and eProcurement spreading. The base step is, in fact, to put the Open Data online, and we are still at this point. The culture is changing, but it is still difficult to manage this change.

The session was moderated by Sébastien Héon, Director public affairs at Cassidian CyberSecurity, France, and the following participated in the session:

• Frederick Douzet (Professor & Associate Director French Institute of Geopolitics, University of Paris; Castex Chair of Cyberstrategy, France)
• Gisèle Ducrot (Casuality and Servicing Clinet Manager, AXA Matrix Risk Consultant, France);
• Emmanuel Harrar (Partner Dreyfus & Associés, France);
• Nagaaki Ohyama (Professor Tokyo Insitute of Technology, imaging Science and Engineering Laboratory, Japan);
• Frédérick Polycarpe (Head of international Sales & Programmes Cassidian CyberSecurity, France);
• Michel Toporkoff (Attorney at Law, Toporkoff Law Firm, France);
• Paul Wormeli (Execute Director Emeritus Integrated Justice Information Systems Institute – IJIS; Innovation Strategist, Wormeli Consulting, LLC, USA).

Frederick Douzet talked about the relevance of geography and geopolitics as useful tools to help identifying areas and zone of influences of countries in the cyberspace. She pointed out that that cyberspace represented a “territory with no regulation” and that cyber conflicts were actually originating from the real world, and so from a real location. She claimed that while nations want to regulate and control the internet, they can’t really obtain the goal since in the internet there is no boundary.

Paul Wormeli talked about the threats that came from the ether. He showed a timeline displaying the actors of cyberattacks in 2003, the current cyber attackers now and the most probable future ones in ten years from now. According to this timeline, while in the past hackers were mainly hacking out of hobby, today we face real criminals and associations of hackers, and tomorrow we will probably see armies, governments and corporations fighting on the internet. The possible consequences of successful attacks range from denial of services to cyberwars to destruction of systems, and the frequency of the attacks is growing up from millions per day to continuous, real time, interactive. Finally he claimed that the only possibility to fight this scenario was to always have a strategy of defense, so that when an attack occurs you are ready to instantly handle it.

Michel Toporkoff showed the only three real cases of cyberattacks that have been trialed and had a verdict in France in the last year. Therefore, the first important point that he highlighted was that a lot of attacks remained unknown. From the analysis of the cases he brought, another key problem of judging is that usually you cannot identify the so called “puppet master” behind the attacks. The last problem is that in some cases the victim actually fails in protecting its own data. So who is to blame?

Nagaaki Ohyama presented the security solution for the future Japanese public system that will manage digital taxation and security area for Japanese residents. The system will use a combination of an ID-Number assigned to every resident, memorized into a smartcard. He explained the risks that may come from that system in terms of personal privacy invasion and the way to handle them by using legal and security countermeasures (i.e. people will be able to watch every single transaction of their personal data). Finally, he claimed that a key problem for the “digitalization” of personal data is the social acceptance, since people are suspicious on it.

Emmanuel Harrar talked about the upcoming new gTLDs: generic top level domains (i.e. .com, .net, .us) and the problems that may come from their implementation. The importance of extending the number of the existing ones comes from the fact that current ones usually do not have a specific meaning (i.e. “.com”) and are low in number, while the new ones will be significant for brands (.mcdonalds, .bmw), for geography (.paris, .berlin), generic stuff (.sport, .hobby) and will have a direct impact on the e-commerce. The risks that may come (and probably will) from their implementation are the related to the internet stability and resilience, since the number of new web sites and application will exponentially grow. The legal risks are cyber-squatting, counterfeiting, phishing, and the business problem is the low ranking of sites using meaningless domains like “.com”, causing the loss of brand awareness for big companies.

Sébastien Héon presented an analysis of the UK government statistics about security. Based on a survey about the UK government it was established that 78% of large organizations were victims of cyberattacks in the last year and only 20% of those companies detected the problem, while others did not even notice it. Another important problem is that it usually takes 371 days on average or a company to realize that it has been attacked. He pointed that the main security issues come from a lack of standard procedures that companies project and adopt. Finally, he said that the principal way to handle security issues is to prevent attacks rather than react – in fact to react it usually takes 3 months to analyze and understand the attack, several days to neutralize it and plus than one year to recover from the damage.

Gisèle Ducrot said that cyber risks were strategic risks for the companies and not only technical issues. She partitioned the risk in elementary factors. The first one is the “cause” that identifies why a cyberattack could happen: company data and tools. The second factor is the “consequence” of the attack and it regards: finance, liability of the company, commercial, brand image and business interruption. Finally she brought some possible solutions for the risk management process: the first step is to identify the risks via risk analysis and via evaluating its origins and impacts; the second one is to adopt mitigation measures and the third and final one is to transfer it by using an insurance since in fact it provides a financial exposure reduction.

Frédérick Polycarpe talked about possible solutions and ways to manage cyber security for companies. He claimed that a big company must assume that it will be constantly attacked and it will need a consistent cyber security master plan on all divisions, all countries, all regulations. He reminded the audience that the attackers are motivated by ideology or by money, and that they could be hired by governments and organizations. Moreover, attackers are highly professional, they know how to beat standard countermeasures and a big company must assume that the attacker will always have more time and needs less money to attack than would the company in order to defend itself. He claimed that cybersecurity is a balance between technology, people and processes: companies needs tools to evaluate risks, detects attacks and to take decisions on how to prevent attacks and, eventually, react quickly. For Polycarpe, a big company needs a continuous security improvement cycle.

Madeline Siösteen Thiel, the session moderator, reminded the attendees of the success of last year’s Global Forum which was held in Stockholm and then introduced the other speakers.

Gabrielle Gauthey talked about the international trends for new investment model in NGA. Showing some statistics about the growth of the broadband and mobile connections and public WiFi spots, she explained that the world had changed and Internet had in fact become the portal of our lives, and all the contents are moving to the cloud. Mobile traffic is growing due to smartphone spreading and “Internet of Things”. She also talked about the decoupling between traffic and revenues in mobile networks. Europe needs new investment models for network deployment and needs to find them elsewhere, for example in Mexico, where a new model based on a common infrastructure is being tested.

Lorenzo Montermini, IT Manager GPI Group, introduced us to the new challenges of Public Healthcare. He said that there must be a redefinition of public sector role. Healthcare should not be a hospital and doctors exclusively, but its center should become the patient itself thanks to the implementation of self-service systems.

Michel Catinat (Head of Unit for Key Enabling Technologies and ICT, DG ENTERPRISE European Commission) pointed out the necessity of a European certification scheme for digital skills making a mark of the importance of certification systems. In the end, he stressed the importance of training packages co-designed with ICT industry.

Fiona Taylor (Director, European Affairs & Global Internet Strategy Verizon, Belgium) focused on the infrastructure layer. She analyzed the last 20 years during which the user population of the Internet has grown from 350 million to 7.7 billion. She showed a difficulty on defining a policy framework to regulate the Internet. She asked herself if there was a real need to regulate the Internet and if so, how it should be regulated. According to her, a key criterion for a regulating policy is that the same services on the web should have same regulation. Four key points that the policy framework should take care of are: Investment, Innovation, Consumer, Flexibility.

Nataša Pirc Musar (Information Commissioner, Republic of Slovenia) talked about the current regulations that are not present on the Internet and how European Union is working on them. In her opinion, one of the biggest challenges nowadays is that the Internet law is pretty like the open sea law. She thinks that there will be no regulation of the Internet in a near future, but it will have to happen otherwise it will be the World Wide West. She also talked about the European competences of data protection: the privacy of data regulation is a weak point in EU. Other important points are:

• How can we supervise the Data that are going to go outside the European Union?
• We rely on cloud to put our Data, but are we really sure about the cloud?
• Who can control where the cloud is?

Finally she said that she is worried about the data of European citizen flowing to the USA, since “I have nightmares about the revealing of Snowden”. She also claims that America cannot deny the truth and must give an explanation of NSA actions.

John Giusti (Head of Spectrum GSMA Association, United Kingdom) talked about the necessity for governments to provide services to satisfy the increasingly data demand. He mainly focused on the spectrum assignment problem, arguing that spectrum is a government regulation holding and too heavy regulations on the industry could be suffocating it. He thinks that to reach a possible win-win scenario for governments and mobile companies a right regulation that extends the access to companies in general is necessary in order to satisfy the huge demand coming from people.

Claudia Selli (EU Affairs Director, AT&T, Belgium) said that the human interaction with devices is accelerating and the next possible step in digital life is that everything will be connected. In fact people do not care about the technology behind the connection services: they just want them to be fast and reliable. Finally she asked herself what regulation makes sense today and tomorrow. For instance, in 2007, Twitter did not exist and the “app revolution” was not happening. Therefore, we need a flexible regulatory framework that can be valid for future technologies that are unpredictable.

Thomas Spiller (Vice-President Public Policy, EMEA, The Walt Disney Company, Belgium) talked about the “3 C”: contents, culture and customers. He said contents were key factors driving the attention of the customers on the internet, so it is important to provide high quality contents in line with the customers culture. Culture is also very important: for instance, parents want their children to watch the content in their native language. Finally, he said that the customers themselves had been changing, since nowadays children are able to listen to and work on three or more different devices at the same time (Skype call with a friend, texting on the smartphone with another, playing videogames). With regards to regulations, Spiller thinks that it is really important to protect the kids from malevolent contents but it also must not be too strict and let the market evolve.

 Innocenzo Genna (Founder and Partner Director Genna Cabinet, Belgium) said that the European Commision was working on a reform about the regulation of the Internet. One of the pillars of the reform is to introduce special connectivity services: “It seems like there is a big emphasis on providing those services, but it is not clear who demands them”. For instance, Skype and other companies that provide high quality calls and video conferences already found a solution themselves. Who will be the beneficiary of those special connectivity services? According to libertarians, only “big fish” will benefits from them, while startups, that are the core of innovation, could find themselves obliged to consequently rely on low quality services. Therefore, this reform ruins the state of the Internet as we know it.

Olivier Duroyon (Director Public Affair – Alcatel Lucent, France) said that the demand for Internet services had grown in an explosive way and the European Union had not improved enough the infrastructures on which Internet relies on. So, he thinks that big investments in improving infrastructures are fundamental for the future. Then Duroyon explained that there was a dividing gap in regulation among different technologies: Internet is one of the less regulated ones. In his opinion, today is the right time for Europe to adopt some basic rules to apply to the Internet, respecting the concept of technology neutrality.

Paolo Plebani (Founder & CEO Powerplex, Italy) focused on the theme of Smart Cities. He explained that there was no model of a city that could be considered “smart”, because there was a lack of regulation on the theme. What his company did was to define a possible standard to fill the gap discussed above. He brought up the case of the city of Bolzano, where the requirements of the defined standards are verified. For example, some key points are:

• All the municipality processes should be realized in a way to be repeatable;
• The work of the public managers is measured in terms of efficiency, efficacy and time
• analog services must be converted in digital;
• The actions and the results of the public management must be documented and transparent to citizens

One of the main problems of public administration is that managers do not really know what they need in terms of digital services and as a consequence they cannot really understand how to regulate them.

Steven Adler moderated the first session “INFORMATION STRATEGY: THE KEY FOR DEVELOPMENT AND GROWTH – DIGITAL ENABLERS AND NEW INFORMATION PRODUCTS”. Mr. Adler gave an overview of the American point of view of the Open Data. He said that developing apps based on Open Data, that are collected by governments and public administrations, is a useful and innovative tool for transforming the cities.

Gérald Santucci (Head of Unit Knowledge Sharing – DG Connect) focused on the role of Open Data into the European Union, pointing out the importance of looking for open data, open services and open processes. This is the first year in European Union that there is a concrete step towards the use of Open Data, following the line already taken by G8 in June 2013 (signature of Open Data Charter). This also means a strong connection between the global and European network. Mr. Santucci also stressed public data cannot be considered Open Data. According to him, Open Data must be readily and easily accessible [by anyone who has a pc]. We should use Open Data to boost economic growth.

I an open discussion, the panelists concluded that from an IT point of view, Open Data is something “live”, different from a static page. They are always updated (like in a live repository) and should represent a symbol of trust between governments and citizens. One of the main problems about Open Data is that we often do not have sufficient information about the way they are retrieved, where they came from and how to use them, so, for example, it is not always possible to make a comparison between different sources.

Margot Dor (Director Partnership & EU Affairs, ETSI) focused on the legacy terms beyond the use of Open Data. In Europe it is difficult to establish a policy for managing Open Data because of the different laws in all the countries. We’ve to regulate the use of Open Data, according, for example, to formats, shape, presentation.

Giuseppe Surace (Senior Manager & M2M Cloud Solution Director Telit Wireless Solution) stated that the technology to collect and store the data is available (we can use a clever sensor, then store data into servers or into the cloud), but the key point is that we have to trust the collected data. For Open Data the security concept must be strength.

Santucci said that Open Data must be persistent, reliable, and maintainable. They should not be only open, people should have guarantee of them.

Claudia Selli, E.U. Affairs Director, AT&T, pointed out the importance of investments in network improvement. According to her, we should have a policy framework linked with actual technology adopting high level principles. We have to go into the direction of harmonization, not towards a fragmented market.

In the follow-up discussion Mr. Adler said that public companies should publish Open Data. We, both as stakeholders and public citizens, have to know what companies are doing. This is a form of trust.

Pascal Poitevin, IT Director, France Génétique Élevage, focused on Open Data role in accord to agriculture – we need to increase production to feed people growing, we should increase public investment in agriculture. For example, we should give farmers reliable information using Open Data.