“The regulatory system already provides for a series of filters that do not allow the publication of wiretaps that are not relevant to the investigation, which are appropriately kept in a special archive”: this is what we read in the six pages of the memorandum that the FNSI (Italian Press National Federation) handed over months ago to the Senate Justice Committee during the fact-finding investigation on the subject of wiretapping. It was April 27th and the public discussion on the topic – a “hot” topic for decades – was centred on the apparently intransigent, but often contradictory position of Minister of Justice Carlo Nordio: for months the former magistrate from the right-wing government party had announced “a profound review of the discipline” on wiretapping as a “deadly instrument of personal and often political delegitimisation” as well as “a barbarism that costs 200 million Euros a year”.
The announcements in the press, accompanied by dramatic backtracks on the alleged abolition of wiretaps even in cases of mafia and terrorism (because “mafiosi don’t talk on the phone”), and filled with attacks on the categories of journalists and magistrates, continued until the beginning of August, when the final version of the bill – which does not abolish wiretapping for mafia and terrorism crimes but rather broadens its scope – was approved by the Council of Ministers, thus starting its parliamentary process after the summer break.
Already in April however, and then also at the beginning of July during a flashmob against “the gag of the Nordio bill”, the journalists’ union wanted to remind MPs of their “task of balancing the interests at stake, of finding the right balance between two constitutional principles. The one relating to the right to privacy and the protection of the dignity and honourability of people and the one relating to the right to inform and be informed, the cornerstone of our democratic system as the Constitutional Court has reminded us several times with two twin sentences on article 21 and as the President of the Republic often reminds us”.
In fact, what concerns journalists – and what should concern the whole of society considering the role of information in conveying events of general interest – are the new restrictions on the dissemination of wiretaps: the Nordio bill expands the prohibitions already introduced by previous regulations, such as the Orlando reform, and allows wiretaps to be disseminated only if already reproduced by the judge in the motivation and used during the trial.
The issue, however, is even more complex and does not only concern the limitation of the instrument and possible further censorship, but at least three scenarios which partly overlap and partly contradict each other: the right of public opinion to know news of general interest, the risk of extending surveillance practices also to subjects not involved in the investigations, and the protection of the privacy of the suspects themselves on personal matters not relating to the investigations.
General interest and media excesses
As FNSI general secretary Alessandra Costante reminded the senators speaking in the Justice Commission in April, once again the legislator seems not to take “into consideration the need to publish and disseminate news of general interest which is a value to be protected, such as affirmed by the European Court on several occasions, regardless of the aspects linked to a person’s guilt”.
It is true that the reference to the ECHR cannot erase decades of abuse and excesses by the Italian media, which have fed readers and viewers private details that are not relevant for the purposes of the investigation. The fact that the justification for a gag is then built on these excesses seems to be the predictable and much heralded response of the government, which wanted to dedicate the reform to Silvio Berlusconi.
But what would have happened if the Nordio bill had been in force, for example, during the investigation into the collapse of the Morandi bridge? Darkness on the managers’ statements regarding the Benetton family. And for the violence in the Verona police station? Video censorship. The concrete examples, illustrated by the FNSI during the flashmob in July, reflect the current reality, whereby according to the code of criminal procedure a copy of the wiretaps, once deposited, can be provided to anyone who is interested, and it is up to the public prosecutor the ensure that no content relating to sensitive personal data is included in the guidelines. The Nordio bill would instead make a clean sweep, eliminating the possibility of publishing the wiretaps if they have not already been reproduced by the judge in the motivation and used in the hearing. Other prohibitions affect the general prosecutor’s office, the judge, and the public prosecutor, who will not be able to report in the minutes or acquire in the excerpt data relating to subjects other than the parties. And this with the understandable aim of protecting “the third party not involved in the proceedings”.
The spectre of Trojans and questions from senators
In the Senate Justice Committee on 24 January , the president of the Lawful Interception association Elio Cattaneo, who defined the wiretapping sector as “excellence in the hi-tech sector of our country”, gave an overview of the professionals involved, speaking of over 1500 employees – just from its trade association which brings together the six main companies in the sector and which covers 75% of the market. The interception activity takes place 95% on behalf of the Prosecutor’s Office and 5% for the secret services. The main field of application is telephone wiretaps (76%), with 15% environmental wiretaps, 5% computer wiretaps, and 3% Trojans. The data, also available on the ministry’s website , speak of a declining trend, with a peak of 141,169 interceptions in 2013, while the most recent data referring to 2021 reports 95,379 targets, including 72,769 telephone users, 14,606 environmental interceptions, more than 5,000 computer viruses, and 2,896 trojans, the spy virus that transforms the phone into a microphone that is always on.
The senators’ attention was focused precisely on computer interceptors or Trojans, software with unknown potential, during two hearings last January: questions, requests for clarifications, worried interventions, starting from the president of the commission herself, Northern League senator and lawyer Giulia Bongiorno. The Trojans, the senators were told, are able to send and receive, without the knowledge of the owner of the cell phone in which they are installed, not only calls, messages, and emails, but also audio recreating the owner’s voice. It can activate the camera, take photos, and create videos, read text messages and MMS, access the content of instant messaging (including chats protected by encryption such as WhatsApp, Signal, and others), GPS (therefore the geolocation of the device), and inspect the contents (therefore see the images, videos, and documents present), including the Internet browsing history.
Senators were particularly alarmed when Lelio Della Pietra, a forensic IT consultant, reported a case of “manifest pathologies in the process of acquisition and detention of the sound traces coming from the receiver”. Pathologies which according to the engineer can be cured, and it is “strategic that they be cured as soon as possible, because the credibility of the instrument and all the investigations connected to it is at stake”.
The case described by Della Pietra, dating back to 2019, therefore before the entry into force of the Orlando reform which established a general archive of wiretaps, involved a Trojan which records conversations, but not twenty-four hours a day: its first objective is not to be discovered, therefore “it must try to disguise itself, it must not heat up the device, it must not consume too much battery or too much bandwidth”. For this reason, as an “actively piloted device”, it must be programmed via a specific interface.
The anomalies described by the engineer refer to recordings without programming, “a bit like when in lawsuits it turns out that the rifle fired on its own: in this case the Trojan allegedly recorded on its own. In 22 cases there were then very long periods (entire nights) in which the Trojan was programmed to receive and absolutely nothing arrived; moreover, one of these periods is precisely the key night of the investigations, in which the receiver stops receiving at 2 am, while scheduled for the entire following day”. And then there are also audios that literally disappeared, even though the recording time is known. “They just disappeared.”
Even engineer Paolo Reale, another IT forensic consultant, was equally clear in the hearing on January 12, hoping that the legislator would find new rules for a new tool like Trojans: “It is clear that that is a completely different tool from the classic telephone interception, with which it has nothing to do; it is an invasive tool that affects practically all aspects of our lives, because today our cell phone contains all information relating to our appointments or our children, so certainly a different regulation would be desirable for this very reason”.
Balance between rights and mass surveillance
“On interceptions using wiretaps – said the president of the Guarantor for the protection of personal data, Professor Pasquale Stanzione, called by the senators to express an opinion – the intrusive potential of these tools requires adequate guarantees”. “If made available on the market, even just by mistake, in the absence of the necessary filters to limit their acquisition by third parties, these spy apps would in fact risk turning into dangerous tools of massive surveillance”.
Between the risk of mass surveillance and the need to guarantee both privacy and the effectiveness of investigations, the issue of wiretapping involves numerous evolving aspects.
“The lighthouse, the line, the main path is the protection of the human person”, added Stanzione, who also recalled European legislation: “We move in a European system which has made personalism the centrality of its legislation. It will be the GDPR, the Digital Services Act, the Artificial Intelligence Act that will move in this perspective (…) because Europe has a middle path precisely towards artificial intelligence, which touches on these enormous profiles of invasion of the intimate sphere of the person. The middle path is neither the unbridled liberalism of the American experience nor the rigid statism, i.e. the Chinese-Korean one, which leaves no room for the fulfillment and free development of the personality, to which our article 2, cited many times, gives guarantee and solid conformation”.
Nicola Canestrini, criminal lawyer and media expert, also insists on this constant search for a balance: despite having recently defended journalists who had published wiretaps (see the case of the acquittal of the authors of an investigative book on the discontent within the South Tyrolean majority party), Canestrini does not address the issue with an absolutist approach. On the contrary. As demonstrated by his appeal to the Strasbourg Court against the wiretaps which saw him as a victim, the lawyer is decidedly cautious.
In 2021, when he discovered transcripts of his phone calls with his client, Canestrini decided to report this violation of the right to privacy, which had revealed the defence strategy to the public prosecutor. There are at least three occasions in which the lawyer found himself reading excerpts of his conversations with his clients in court documents. Hence the appeal to the European Court of Human Rights, in which he contests the mechanism of posthumous verification of compliance with legal limits.
Therefore, there is no absolutism when it comes to wiretapping, but certain reference criteria: case by case, situation by situation, there are times to approve their publication and others to ask for confidentiality, times to privilege respect for human dignity and others to privilege the needs of the investigations – in the constant search for a balance between constitutionally guaranteed rights.
