GNOSIS
Rivista italiana
diintelligence
Agenzia Informazioni
e Sicurezza Interna
» ABBONAMENTI

» CONTATTI

» DIREZIONE

» AISI





» INDICE AUTORI

Italiano Tutte le lingue Cerca i titoli o i testi con
GNOSIS 2/2011
INTERVENTION of DIRECTOR GENERAL OF THE DIS

Giovanni DE GENNARO

Security culture and implementation of the Reform






The construction of the “Information System for the security of the Republic” delineated by the Reform of 2007 has coincided with a moment of great change in the International scenarios in which the activities of the Intelligence is projected.
In fact, at the end of the Cold War and with the emergence of an economic competition on a planetary scale, the complexity of the interconnections between the National security policy and the economic security policy increased in all the developed Countries. For the Intelligence, this determined the necessity of an ever-increasing “global” approach, in a dense network of inter-dependence between activities of an internal and external, offensive and defensive, public and private nature.
In this changed context, many Countries have arrived at the conviction of having to re-style or profoundly re-organize their information services.
In Italy, the Law N l24 of 2007 introduced considerable innovations:

1) the institutional missions of the two operative Agencies have been significantly enlarged, to the extent that the Legislature has considered it necessary to specify that the functions of the defence of independence, of the integrity and of the internal and external security of the Republic be conducted also through the “protection of the political, military, economic, scientific and industrial interests”;l

2) the role of the inter-ministerial Committee (CISR), which assists the President of the Council of Ministers in the governing of the sector has been changed, with the attribution of functions no longer solely of “consultancy” and “proposal”, but also of “deliberation” on the directions and on the general finality of the policy of the information for the security;

3) the Department of Information for Security (DIS) has been instituted and is responsible for the coordination of the activity of information for the security carried out by the two Agencies (AISE and AISI), which are no longer responsible to the Minister of Defense and the Minister of the Interior respectively, but are now both responsible to the President of the Council. The DIS plays – sometimes in an autonomous way and sometimes on behalf of the Authority of the government – a role of control and protection which, in fact, without interfering with their operative autonomy is placed in a higher position to the Agencies. In this sense it cannot but assume the functions of inspection and enquiry, management of the archives, the planning of the human and financial resources, as its responsibility in the formation;

4) the powers of the Parliamentary Committee of Control (COPASIR) – the presidency of which now necessarily falls to the competence of an exponent of the opposition – have been expanded;

5) functional guarantees have been introduced to protect employees of the Information Services, legitimated today to engage in conduct prescribed by Law as criminal conduct, but indispensable in reaching the institutional purposes;

6) the discipline of the State Secret has been modified;

7) measures for the administrative protection of the reserved information have been taken;

It is evident that it concerns not only new structures, but also and above all, new institutions and new functions that require public discussions and scientific treatment, which in Italy still remain weak and have difficulty in taking off the ground.
Faced with the delicacy of these issues, the Legislature seems to have felt the need of an accompanying measure, providing, as a basic condition for the real success of the Reform itself, a specific activity of dissemination of a shared “culture of the security”, which is also a lever of primary importance to foster a new way of conceiving the relationship between the Institution and the Citizen.
From this point of view, to promote and spread the culture of the security means, therefore, creating the necessary conditions for a general sharing of the new legislation, characterized by great organizational impact.
Actually, it means to focus on some fundamental concepts, on which to ground the thinking around the purposes and characteristics of the activities of research of information for the security, in this era of globalization, enriched, in recent time, by the unprecedented prospects of the so-called economic intelligence and by the cybernetics threat. To this must be added the need to untie a few knots that the legislation has left unresolved.
Both steps are unavoidable to enable the Reform to deploy all of its potentiality and, consequently, to allow the Information Services to operate with the effectiveness required by the new orders of the globalized world.
I shall now try, rapidly, to review the principal questions open on both sides.


National security and National interests

To begin to handle the construction of a new culture of security, it is necessary to make, first of all, incisive and conceptual semantic revisions which allow, in the first place, to reduce the excessive overlapping between the concept of order and public security and that of national security. Although the notions are undeniably related, they are totally distinct, and correspond to two different “missions which the public administrations are called upon to realize.
In the first case, it concerns guaranteeing the peaceful cohabitation of the citizens and their right to be “free from fear”; in the second, to ensure the survival of the Republic itself and, therefore, its territorial integrity, the autonomy of the democratic institutions upon which it is founded, and the freedom to pursue the fundamental interests for the national community.
To clearly individuate in precise terms two equally important missions which are, at the same time, so different, would allow not only the achieving of many steps forward on the organizational level and the functioning of the Security Apparatus, but would also better clarify to the public the exact distribution of the various tasks and responsibilities between the Police Force and the Information Services.
Even more difficult, it may be said, is the definition of national interests, upon which expansion of the subject is merited, also in light of the new legislative indications which have entrusted to the Services the carrying out of informative activities in protection not only of the “political and military” interests of our Country, but also of the “economic, scientific and industrial” ones.
This evolutionary interpretation of the concepts of national security forcefully poses the subject of the activities that the Information Services are called upon to perform to protect the security and the competitiveness of the business companies of strategic importance and of the entire Country-system.


The collection of security information between public and private

The protection of the economic and industrial system is certainly one of the most delicate areas with regard to the legitimacy of the actions of the Information Services, both from the “defensive” viewpoint – in cases of aggressions or intrusions of various kinds to the detriment of the companies – and from the “offensive” viewpoint – in terms of preventive information in support of the competitiveness of these same companies in the various international scenarios.
The subject, even in its delicacy, does not seem to pose doubts, however, on the strategic role of the Information Services as an instrument at the disposal of the Government for the taking of fundamental decisions in terms of protection of the competitive capacity of the Country.
The legislation, however, while identifying the considerable importance of the threat to the economic, industrial and scientific interests, does not specify the characteristics that help define their significance in terms of national interest.
In light of the provisions in force, it seems it can be said that the basic condition for the legitimacy of an intervention by the Information and Security Services can be found in the strategic relevance for the Country-system of the company to be defended.
In other words, the legislation would seem to deny any activities on the part of the Information Services in favour of private interests as such; in fact, if it is true that it can be in the interest of the Republic the fact that national economic operators be protected competitors in the international market, it is equally true that only this “direct” public interest can be pursued, while the advantage of the private must be treated only as an indirect effect and on condition that it has been previously qualified as of public interest on the part of the policymaker.
The questions that arise are, therefore, many, and I limit myself here to formulate just some of them.
When can a company define itself ‘of National interest’?Whose is the responsibility of identifying the companies to be protected on national territory?
What are the limits of intelligence activities in support of the companies committed in the competition on the international markets? What are the limits to be respected in order not to alter the rules of the competitors?
Whatever the answers, a fact appears to be beyond discussion: today, the intelligence contribution is a resource which would not be easily relinquished by any State that we confront in the global competition.
It is, therefore, a matter of regulating the public-private interaction in this area, and to be able to do it according to very strict schemes which permit combining legality and transparency of the procedures with discretion, timeliness and effectiveness of action.


The prevention and defence against the cybernetics threat

The Italian public opinion – and also important sectors of our governing classes – do not seem to have, as yet, a realistic perception of the potential impact of the cybernetics threat on the Country-system and on the National security.
When, many months ago, during the course of a hearing before the COPASIR, I defined a global scale informatics attack more dangerous than a nuclear attack, I thought I may have exaggerated. In recent days, Leon Panetta, Director of the CIA, affirmed, during the course of a hearing before the American Senate, that a serious informatics attack would dwarf the attack on Pearl Harbour.
The salient feature of this threat is its transversality, which would render it as threatening on the public sector as on the private one. The “public-private” inter-action and the integration become indispensable conditions for an effective organization of defence.
Therefore, it is necessary to define, also in light of the experiences which friendly Countries have had, a strategy in which – the “perimeter” of the Italian cybernetic security, the roles and powers of those responsible for the national informatics security and the role and the contribution of the private subjects involved – are absolutely clear.
To this end, the Report of the Parliamentary Committee for the security of the Republic regarding the possible implications and threats against the National security deriving from the cybernetic space, is a significant starting point for considerations that result in the commencement of Government interventions, which appear urgent and can no longer be postponed.


Culture of the security and completion of the Reform

In light of what has been experienced so far, I believe that only the establishment of widely shared views on the issues mentioned here will allow the development of sharp conceptual coordinates and values, to which our Information Services can safely refer in working for the safeguard of the National security, in the face of the competitive rigors with which we must measure ourselves in the international scenarios. The perimeter to be defended is extensive, the risks for the salus rei publicae are many and the price to pay for under-estimation, bad choices or tardy decisions may be too high.
From this awareness, it is necessary to address ourselves to the steps that are still lacking to complete the implementation of the Reform; and this means, in the first place, to loosen the unresolved knots, some of which I will rapidly review here


The organization of government of the
“Information System for the security of the Republic”


The organization of government of the “Information System for the security of the Republic” is one of the matters which would benefit from particular attention, starting from the role of the Inter-ministerial Committee for the security of the Republic, and of the powers of coordination and control of the Information Department for the Security.
The CISR is configured by the Reform as an important conjunction point of the Information System for the Security of the Republic.
The rules governing the activities and powers of the Committee hint at significant potentials, on which reflection would be extremely interesting and useful, for the purpose of individuating the most suitable organizational and procedural instruments to favour a deliberative activity which is increasingly knowledgeable and effective.
The Information Department for the Security is the body used by the President of the Council of Ministers for the purpose of ensuring complete homogeneity of the Information System for the Security.
The unity of the system is one of the cornerstones of the Reform, because it is the organizational canon, thanks to which it is possible to finalize, with maximum effectiveness, the contributions that come from its single components.
It is necessary, therefore, to pay the closest attention to the development and refining of the gamma of instruments that the legislation has preordained for achieving the objective and, if needed, create new ones.
In this regard, a useful consideration could be developed on whether –from both the functional viewpoint and for the containment of expenditure – to institute, as practiced in the United States and in the United Kingdom, a new organ of intelligence that carries out, still from a unitary point of view and for the benefit of the entire system, the delicate activities of communications, images and signals, which, today, represent the fundamental pillar of the collection of information for the security.
I feel that equal attention must be paid to what does not appear consistent with the unitarity of operation of the System.
A concrete example is supplied to us by the circumstance that the Legislature has acknowledged the functions of information collecting to the Armed Forces although has not included them in the Information System for the security of the Republic to which those functions are attributed, on an exclusive basis, according to the same legislation. The contradiction could be resolved either by excluding these functions also to the Armed Forces – and this could represent a weak point for the security of our contingents which operate in the international missions – or by transforming the existing structures which operate at the Joint Chiefs of Staff of the Defence into a real body of military intelligence responsible to the Ministry of Defence, with exclusive tasks of protection of our military deployed in the “war theatre”, but well connected with the general information system.
Among the positive consequences of such a solution would be the submitting of all the information activities, including those military, to the control of a single parliamentary body, the COPASIR, and, of course, a resulting greater harmony of the overall system.


The prospects of parliamentary control on
the Information Services for the security


The strengthening of parliamentary control on the Information Services for the security is one of the basic elements of the Reform: compared to the model of the old Law N 801 of 1977, the system configured by the Reform seems to open substantial prospects of expansion for the control, of a political nature, on the Information Services for the security.
This tendency would make the Italian experience closer to those of other important Western Countries, a point on which it might be worthwhile to reflect.
In those systems, the existence of a penetrating and effective political control – and at the same time suitable to maintain the indispensable level of discretion – obtains two important effects: on the one side, it is seen as an element of protection, also on the part of those belonging to the information bodies; on the other side, from the viewpoint of public opinion, it stands for a powerful legitimizing factor of the entire sector.
On a more general level, since the activities of the Information Services are substantially projected to the political dimension, designed, as they are, to safeguard the very survival of the Republic and the National community, one cannot but reflect, with great attention, on the hypothesis of a further, decisive shift of the axis of control in the highest political place – Parliament – which would take a major role, relative to the control, howsoever necessary, of the Judicial Authorities.
Precisely with reference to parliamentary control on governmental choices in matters of State secrecy, one must remember, first of all, that the Constitutional Court, with the Sentence N 106 of 2010, excluded any evaluation on the concrete exercise of governmental power and limited the question to an extrinsic union of legitimacy on the opposition of the Secret, according to a less invasive approach compared to that practiced for other types of conflict of duties.
As yet, it has not been ascertained what the attitude of the Constitutional Court could be if the conflict was raised by the Parliamentary Committee of Control. On this point, opinions appear divided and, according to one of these, the State Secret privilege could not be invoked to withhold information from the COPASIR in case the total or partial discovery of the information at hand proves essential to allow Parliament to evaluate the reasons furnished by the President of the Council of Ministers and their suitability to allow Parliament to formulate a political judgment on the work of the President of the Council himself.
In this case, according to the same point of view, the Court could ask that the State Secret, or that part of it which is necessary, be removed to allow a parliamentary union of an “internal” character to the limitations of the Secret. The subject is crucial and, until now, has been addressed very little.


State Secrets and constraints resulting from International agreements

The complex subject of the State Secret presents another particularly critical aspect, tied to an insufficient clarity of the legislative formulation: the relationship between State Secret and constraints resulting from International agreements. Today, the exchange of information between the various Countries is extremely intense because a National service is not able to collect, by itself, all the useful information, above all, in times like the present, characterized by the multiformity of the threat and the scarcity of human and financial resources.
Thus, the partnership between Services becomes more important every day and – in a situation in which one of the enemies to be destroyed is, for example, a terrorism which operates on a global scale – it is not exaggerated to affirm that thanks to the progress of the international cooperation in this field, a sort of world network of protection has been created.
Naturally, the exchanges of reserved information for the security must respect the rules which in each Country regulate the secrecy of sensitive data. Certain Countries are more severe, others less, the periods of duration of the secret vary, but if one desires to collaborate on an international level, it is necessary to accept the conditions of the partners.
The protection of the secret in the exchange of information is clearly mentioned in the Reform law and it is the “basic rule” of the system of cooperation between the Services; it is, therefore, of fundamental importance that the sensitive information for the defence of the National interests and of the lives of the people, be safeguarded by all the Services, in all circumstances.
At the same time, the sharing of the information covered by secrecy according to International agreements – bilateral or multi-national – poses delicate judicial problems, which involve various aspects, from the hierarchy of the sources to the qualification of the “understandings” between Services – the violation of which would lead to information ostracism – as appropriate actions to constitute a valid international obligation.
There is a formulation in the Law N 124 of 2007, on the basis of which the State Secret covers that which can damage the safety of the Republic also in relation to the International agreements. Obviously, the crucial point is constituted by the notion of international agreement and by the ascribability of the inter-services agreements to this category. Juridical reflection on this issue still seems at the initial stages.


Conclusive considerations

The reconnaissance which I have made until now moves, naturally, in the logic of a further refinement of the legislative frame work which presides over the current configuration of the National Information System without wishing, absolutely, to put the general structure into question which, to date, demonstrates its basic validity, so much so as to have aroused an emulative interest also from our international interlocutors, who are, in their turn, grappling with the need to review their own intelligence apparatus.
Before concluding, therefore, a very rapid review of the situation may be useful, to take stock of the progress made thus far in the implementation of the Reform.
All the implementation regulations have been issued and, even in one case, that of the rules on the personnel have already provided to make a first “cutting” through the revisions of some legislation which has shown to be needful of improvement.
All the offices of new institution have been launched, such as the inspection office, the central office of the archives, the training school, the department for the counter-intromission of the AISE on the national territory. The territory competence among the Agencies has been defined and, in this light all the AISE sectors on the national territory have been closed.
The best practices search is that which mostly concerns these offices, at the present time, even though the path is facilitated by a full and convinced collaboration from the summits of the System and their direct associates.
The considerations above mentioned, therefore, are intended only to supply proactive ideas on which to reflect. It is possible to add many others, among which can be cited the problem of the control of the communications in counter-espionage activities; the study of instruments to shelter the personnel, so as not to expose the “interna corporis” to the disclosure eventually required in the administrative justice, the adjustment, in terms of effectiveness of the instruments available to the inspectors for the completion of internal investigations.
They are all subjects of great interest and the hope that I express is that of finding deliberation on them in authoritative places, in order that the implementation path of the legislation can be fully realized, and that on the basis of the experience gained to date, all the possibilities of making improvements, even to the primary legislation – where it may be found useful – can also be taken into consideration.

ORGANIZZAZIONE








© AGENZIA INFORMAZIONI E SICUREZZA INTERNA