DATA ACT: A FIRST ANALYSIS TO PREPARE IN TIME FOR ITS ENTRY INTO FORCE

/in /by

The Data Act. Introduction.

The Data Act was created to improve the European Union’s data economy and promote a competitive market by making data, especially industrial data, more accessible and usable. 

The legislation aims to ensure fairness in the distribution of the value of data among the players in this economy by clarifying who can use what data and under what conditions. 

The Data Act gives users of network-connected products (companies or individuals who own or lease such products) more control over the data they generate by providing incentives for those who invest in data technology. It also sets the general conditions for situations in which a company has a legal obligation to share data with another company.

In addition, the Data Act includes measures to increase fairness and competition in the European cloud market and to protect companies from unfair contractual clauses, imposed by contractually stronger parties, in relation to data sharing. It also establishes a mechanism through which, in cases of exceptional need, public bodies can request data from a company; providing clear rules on how such requests should be made. Furthermore, the Data Act introduces safeguards to prevent third country government bodies from accessing non-personal data where this would be contrary to EU or national law. 

On the issues raised by the Data Act, it is also very important to note the presence of the European Commission’s FAQs, which, although they are not regulatory documents, are an excellent interpretative tool to navigate this topic. 

The Data Act. Analysis of the legislation.

Following the general provisions (Chapter I) defining the scope of the regulation and key terms, the Data Act is structured in nine main chapters:

  • Chapter II: Business-to-business and business-to-consumer data sharing in the context of IoT.
  • Chapter III: Enterprise-to-Enterprise Data Sharing.
  • Chapter IV: Protection against unfair contract terms.
  • Chapter V: Data sharing between businesses and public administrations
  • Chapter VI: Switching between data processing services
  • Chapter VII: Protection against unlawful access to data by third country governments
  • Chapter VIII: Interoperability in data flows
  • Chapter IX: Enforcement through designated competent authorities

Chapter II: Business-to-business and business-to-consumer data sharing in the context of the IoT marketplace

A key objective of the Data Act is to create equity in the data economy and enable users to derive value from the data generated using the connected products they own or lease. This provision aims to ensure that users have access to their data generated through the daily use of IoT objects.

The standard allows users of connected products (such as connected cars, medical devices and industrial machinery) and related services (e.g. apps for managing product functionality) to access data co-created through the use of the product itself. The availability of such data will have a significant impact on the economy, as it can be used to develop after-sales services or new innovative services.

Connected products include:

  • Consumer products: connected cars, wearable devices for health monitoring.
  • Other products: aircraft, industrial robots.

Connected services may include applications that provide detailed analysis on the use of the product or assistance in managing its functionalities.

Chapter II applies to all types of data generated by the use of the related product or related service. This includes both personal data and non-personal data, such as metadata and information collected by sensors (e.g. temperature or location). However, derived or highly processed content is outside the scope of the law.

Users can access their own data generated through the connected product and decide whether to share it with third parties. The owner of the data must provide clear information about the rights to access and share their data. 

It is not permitted to use this data to develop competing products. The rule also ensures that micro-businesses are not subject to the same obligations as large companies.

Chapter III: Rules on mandatory data sharing between companies

The Data Act introduces specific rules for cases in which a company has a legal obligation to share its data with another company. This is particularly relevant in the context of the increasing digitisation and interconnection of economic activities as well as the significant rise of the IoT sector.

Chapter III applies to all types of data held by an enterprise and is designed to ensure that the terms of sharing are fair and reasonable. Data owners may request reasonable compensation for making information available.

Compensation may include costs incurred in preparing and disseminating the requested data sets. Micro-enterprises and SMEs may not be charged higher costs than those incurred in making the data sets available.

The law provides for specific measures in the event of unlawful access or misuse of the information shared with the aim of protecting the rights holders of their data sets. This includes the possibility for the rights holder to request corrective measures such as ceasing production of the unlawfully used product or financial compensation.

Chapter IV: Protection against Unfair Contract Terms

Chapter IV of the Data Act is designed to protect all companies, in particular small and medium-sized enterprises (SMEs), from unfair contractual terms that might be imposed by stronger players in the market. This protection is key to ensuring a fair and competitive ecosystem where SMEs can operate without being subjected to undue pressure from larger companies.

The provisions of this chapter stipulate that contractual terms and conditions must be fair, clear and reasonable. It establishes specific criteria for identifying unfair terms, which may include terms that excessively restrict the rights of SMEs or impose obligations that are disproportionate to the benefits received.

In addition, the law requires that contractual terms be drafted in a comprehensible and accessible manner so that all parties involved can easily understand their rights and obligations. This approach aims to ensure that SMEs are not forced to accept disadvantageous conditions simply because they need access to certain services or data.

The law provides specific measures to deal with situations where unfair contractual terms are suspected. SMEs can challenge such clauses before the competent authorities or through dispute resolution mechanisms. In addition, the law encourages transparency in contracts by requiring larger companies to provide detailed information on contractual terms and the implications of proposed clauses.

These measures are intended to strengthen the position of SMEs in the market, enabling them to negotiate more favourable terms and compete more fairly with large players in the sector.

Chapter V: Data Sharing between Business and Government

Chapter V of the Data Act focuses on data sharing between the private sector and public administrations. This chapter is particularly relevant in situations of emergency or exceptional need, where timely access to data can improve the response of public authorities to critical events such as health crises or natural disasters.

Public administrations will be able to access certain data sets held by the private sector in order to make informed data-driven decisions. The law stipulates that such access must take place while respecting the rights of data owners and must be justified by a clear and urgent need.

Public administrations must follow specific procedures to request access to data, thus ensuring transparency and accountability in the process. Requests must be reasoned and documented, and data subjects must be informed of the purposes for which their data are requested.

To protect the rights of data owners, the law stipulates that access requests must respect the principles of proportionality and necessity. In addition, a redress mechanism is provided for data controllers if they consider that the request is unjustified or does not comply with the applicable regulations.

These provisions aim to ensure a balance between the need of public authorities to access data for legitimate purposes and the right of citizens to privacy and protection of their personal data.

Chapter VI: Transition from one data processing service to another

Chapter VI of the Data Act establishes minimum requirements for providers of cloud and edge computing services to facilitate users’ switching from one service to another. This chapter is crucial for promoting competition in the digital services market and ensuring that users have control over their data.

Providers of the above-mentioned services must implement practices that allow users to easily transfer their data sets between different providers without incurring costly penalties or significant technical difficulties. This includes the adoption of open standards to ensure interoperability between different systems.

The law also requires providers to inform users about how the data will be transferred, including any associated costs and timeframes for completing the transfer. Users must have access to clear information on how to manage the process of migrating their data.

To ensure a smooth transition, the law provides for specific measures in case of problems during data transfer. Users are entitled to receive assistance from providers during the process and can lodge complaints if they encounter unjustified obstacles to the transfer.

These provisions are designed to reduce user lock-in with a single provider and encourage greater competition in the digital services market.

Chapter VII: Illegal access to data by the government of third countries

Chapter VII of the Data Act aims to protect European citizens from unlawful requests by external government authorities for their non-personal data sets stored in the EU. This protection is crucial to ensure the security of European users’ data and to maintain trust in the digital marketplace.

The law stipulates that any request from foreign governments must comply with EU regulations and cannot violate the fundamental rights of individuals. Competent EU bodies are responsible for overseeing access to non-personal data and must ensure that such access is justified on legitimate grounds.

In addition, the law requires IT service providers to take proactive measures to protect their data sets from unauthorised access by foreign governments. These measures may include advanced encryption and regular audits of security practices.

In the event of unlawful requests, users have the right to be informed and can challenge such requests through the competent authorities. The law also provides for severe penalties for those who attempt to illegally access non-personal data sets stored in the EU.

These provisions aim to ensure a high level of personal data protection and to maintain the integrity of the European digital market.

Chapter VIII: Interoperability

Chapter VIII focuses on interoperability between different information systems so that there is smooth communication between different information spaces. Interoperability is essential to ensure that data can flow freely between different economic actors without technical or regulatory obstacles.

Participants in common spaces will be required to comply with specific technical standards so that information flows smoothly and efficiently between different operating systems and cloud platforms. The law lays down clear requirements regarding the technical standards needed to facilitate interoperability between different digital service providers.

Furthermore, an EU directory will be created that will define relevant standards for cloud interoperability, thus ensuring a common basis on which interoperable solutions can be built.

To ensure the effectiveness of interoperability, competent bodies will have to continuously monitor the implementation of the standards laid down in the law. Any shortcomings in interoperability will have to be addressed through appropriate corrective measures.

These provisions are designed to promote an integrated digital ecosystem where data can be easily shared between different platforms and sectors, thus contributing to the overall economic efficiency of the EU.

Chapter IX: Enforcement

Chapter IX sets out the responsibilities of Member States in enforcing the provisions of the Data Act through designated competent authorities.

Each Member State must appoint at least one competent authority responsible for supervising enforcement; if more than one authority is designated, a ‘data coordinator’ must be appointed as the national single point of access.

The Data Act. Roadmap.

The European Data Strategy defines the roadmap for the EU to become a leader in the data economy. This will be achieved through the creation of a single European data market in which data can flow between sectors and Member States securely and reliably for the benefit of the economy and society. Within this scenario, the Data Act is a key element in achieving fairness in the allocation of the value of data between stakeholders.

This new legislation will be applicable on 12 September 2025.

To help companies navigate these new rules, the Commission will recommend a set of model contract terms to facilitate fair, reasonable and non-discriminatory data sharing contracts (Chapters II and III of the Data Act). These terms will also provide guidance on reasonable compensation and protection of trade secrets.

The Commission will also recommend a set of non-binding standard contractual clauses for cloud computing contracts between users and cloud service providers. An expert group has also been set up to help the Commission draft such terms and clauses; these recommendations are expected to be published by autumn 2025.

Within three years of the Data Act coming into force, the Commission will conduct an assessment of the impact of the data regulation. On this basis, it may, if necessary, propose an amendment to the Act.

Low-Code and No-Code: The Software Revolution

/in /by

The world of software development is undergoing an unprecedented transformation thanks to the advent of Low-Code and No-Code platforms, along with the integration of generative artificial intelligence tools such as GitHub Copilot, ChatGPT and Gemini. These innovative tools are breaking down traditional programming barriers, making it possible for those without advanced technical skills to create applications.

A New Way of Creating Software

Imagine being able to develop an application by simply dragging and dropping visual components, without the need to write complex lines of code. Low-Code and No-Code platforms offer exactly this opportunity. Low-Code solutions require minimal programming knowledge, allowing developers to speed up the process through visual templates and tools. No-Code platforms, on the other hand, completely eliminate the need for coding, allowing even the uninitiated to create functional applications.

In parallel, generative artificial intelligence tools such as GitHub Copilot and ChatGPT are revolutionising the way code is written. Based on advanced AI models, these assistants offer real-time suggestions and can even generate entire portions of code or answer technical questions, helping developers to write code faster and with fewer errors.

In addition, Gemini, a multi-modal artificial intelligence project, promises to bring further innovation to the field of software development by integrating advanced natural language generation and understanding capabilities.

This democratisation of software development is broadening the horizons of innovation. Now, professionals from various fields can turn their ideas into practical applications, directly contributing to the digitisation of business processes without going through long traditional development cycles.

Why This Revolution Is Happening Now

The growing demand for fast, customised digital solutions has put pressure on traditional development teams. In an era where time-to-market is crucial, companies are looking for more efficient ways to develop software that meets the evolving needs of the market. Low-Code and No-Code platforms emerge as the answer to this need, offering tools that accelerate development and facilitate adaptation to change.

According to industry forecasts, by 2024 a significant share of application development will be done using Low-Code and No-Code platforms. The adoption of generative artificial intelligence tools such as GitHub Copilot and ChatGPT is growing exponentially. These figures underline the growing importance of these technologies in maintaining competitiveness in today’s digital landscape. Companies that adopt these solutions can respond more quickly to market opportunities by offering innovative products and services.

Benefits Beyond Efficiency

In addition to speed of development, these platforms promote innovation within the company. Employees who deeply understand the needs of the business can actively participate in the creation of digital solutions, without having to wait for the IT department to intervene. This approach fosters greater cross-functional collaboration and accelerates the realisation of innovative ideas.

The integration of artificial intelligence tools, such as Copilot, ChatGPT and Gemini, helps developers write more efficient and secure code. AI can suggest best practices, help identify potential vulnerabilities and propose optimal solutions based on a vast database of existing code.

In addition, Low-Code, No-Code platforms and AI tools can help reduce development costs as they decrease the need for highly specialised resources. This allows companies to allocate budgets and resources to other strategic areas. The accessibility of these tools also enables small and medium-sized companies to compete with larger organisations, further democratising the technology landscape.

Challenges to be faced

Despite the many advantages, the adoption of these platforms presents some challenges. The security of applications developed without rigorous technical control can be a source of concern. It is essential to ensure that applications comply with security standards and regulations. Lack of technical expertise could lead to underestimating critical aspects such as data protection and application resilience.

Artificial intelligence tools such as Copilot and ChatGPT are also not without limitations. Although they can speed up development, there is a risk that the suggested code contains vulnerabilities, is redundant or is not optimised for the specific application context. It is crucial that developers carefully review AI suggestions, ensuring that they are appropriate and safe.

The future introduction of technologies such as Google Gemini will bring additional considerations, especially in terms of integration and compatibility with existing tools.

Another risk is the possible creation of data silos, especially if new applications are not properly integrated with existing systems. This can lead to inefficiencies and duplication of information, further complicating the management of corporate data.

To address these challenges, it is crucial to establish appropriate guidelines and governance. Companies must ensure that the use of low-code, no-code and AI tools is aligned with IT strategies and that there is effective coordination between departments. Implementation of internal policies and staff training can help mitigate the associated risks.

The Future of Development is Accessible and Intelligent

The rise of low-code, no-code platforms and generative artificial intelligence tools represents more than just a technology trend; it is a real cultural shift. We are moving from an era in which software development was reserved for a few experts, to a future in which creativity and innovation are within the reach of many.

This movement democratises technology, allowing people with different skills to contribute to the development of digital solutions. In a way, we are witnessing a return to the origins of computing, when the first personal computers made technology accessible to everyone. Now, with Low-Code, No-Code and generative AI, we are making the creation of that technology accessible as well.

The implications of this transformation are profound. Companies can become more agile and responsive, while employees gain new skills and opportunities for professional growth. It also paves the way for more inclusive innovation, where different perspectives can contribute to solving complex problems.

Reflection

The Low-Code and No-Code movement, together with the integration of artificial intelligence tools such as GitHub Copilot, ChatGPT and the future Google Gemini, is redefining the software development landscape, opening up new possibilities for companies and individuals. While it is important not to underestimate the challenges associated with these technologies, the potential benefits are enormous. Organisations that take advantage of these opportunities will be better positioned to innovate and thrive in an increasingly digital world.

Adopting these platforms and tools means embracing a more agile and collaborative approach, where ideas can quickly turn into concrete solutions. It is a step towards a future where technology is not only used by everyone, but also created by everyone. Companies that invest in this direction could gain a significant competitive advantage by successfully adapting to the challenges and opportunities of digital transformation.

The era of accessible and intelligent software development has just begun, and the possibilities that lie ahead are exciting. With the combination of Low-Code, No-Code and generative artificial intelligence, the power to innovate is in the hands of more and more people, ready to shape the future of technology.

The European Accessibility Act: Technical-Legal Analysis

/in /by

Accessibility is a fundamental principle for ensuring that people with disabilities can fully participate in social and economic life. The European Accessibility Act (EAA), or European Accessibility Directive, is a significant step towards harmonising accessibility rules throughout the European Union. This legislation aims to improve the accessibility of products and services, creating a more inclusive market and reducing barriers for people with disabilities.

The European Accessibility Act

The European Accessibility Act, adopted on 17 April 2019, establishes common accessibility requirements for certain products and services, facilitating their availability in all EU Member States. It applies to a wide range of products and services, including:

  •  Self-service terminals: ATMs, ticket machines, check-in terminals, payment terminals.
  • Hardware and software products: Computers, smartphones, e-readers, applications and operating systems.
  • Transport services: Urban, suburban, rail, air, sea and river public transport.
  • Banking services: Payment services, ATMs, online banking.
  • Telecommunication services: Telephone lines, mobile phone services, internet access services.
  • E-commerce: Online sales websites, e-commerce platforms.
    The main objective of the EAA, as already mentioned, is to improve accessibility, remove existing barriers and prevent the creation of new ones. This regulation will have a significant impact on the daily lives of people with disabilities, promoting greater independence and social inclusion.

Obligations under the legislation

The main obligations under the directive include:
1. Requirements for Products

Products covered by the EAA must comply with the following accessibility requirements:

  • User Interfaces: They must be easily perceivable, understandable, usable and robust. For example, displays must be readable even by people with visual impairments and alternative input options such as voice control must be available.
  • Compatibility with assistive tools: Products must be compatible with assistive technologies used by people with disabilities, such as screen readers and voice amplifiers.
  • Ease of use: Products must be designed so that they can be used by people with different physical and cognitive abilities without requiring disproportionate effort.

2. Requirements for Services

Services must be made accessible in the following ways:

  • Accessibility of information: Information provided through the services, including websites and mobile applications, must be available in accessible formats, such as Braille, audio, text readable by assistive technologies.
  • Support and assistance: Service providers should ensure that customer support and assistance is accessible. For example, alternative communication channels must be available for people with hearing or speech disabilities.
  • Accessibility of infrastructure: Physical infrastructure used to provide services, such as transport stations and bank counters, must be accessible and barrier-free.

Timing and Deadlines

EU Member States have until 28 June 2025 to transpose the Directive into their national laws and ensure the conformity of products and services. This involves the adoption of laws, regulations and administrative measures necessary to comply with the obligations of the directive.
Implications for Companies and Public Bodies

Companies must take measures to ensure that their products and services meet accessibility requirements. This may involve:

  • Revision and adaptation of design processes: Companies must integrate accessibility requirements at an early stage of product and service development.
  • Staff training: Companies should train their staff on accessibility requirements and assistive technologies.
  • Monitoring and evaluation: Companies should implement monitoring and evaluation systems to ensure continuous compliance with accessibility requirements.

Public bodies are also required to comply, ensuring that their services are accessible to all citizens. This includes the provision of accessible digital public services and the elimination of architectural barriers in public infrastructures.
Member States are also required to establish mechanisms for monitoring and verifying compliance, to ensure that accessibility rules are effectively implemented and enforced.

Penalties for Non-Compliance

The Directive requires Member States to establish effective, proportionate and dissuasive penalties to ensure compliance with the accessibility rules. Sanctions may vary from country to country, but generally include:

  • Fines: Companies and public bodies that fail to comply with accessibility requirements may be subject to fines. Fines are designed to be high enough to incentivise compliance.
  • Compliance obligations: Competent authorities may order companies to take corrective measures to comply with accessibility requirements. This may include modifying products, services or infrastructure to make them accessible.
  • Legal disputes: In some cases, people with disabilities or organisations representing them can take legal action against companies or public bodies that do not comply with accessibility requirements.

Transposition of the European Directive in Italy

In Italy, the transposition of the European Accessibility Act is underway and includes a series of measures to ensure compliance with the requirements of the directive. The main actions taken include:

  • National legislation: The Italian government is working on the adoption of laws and regulations transposing the requirements of the EAA. This includes amending existing legislation and introducing new laws to cover the specific areas of the directive.
  • Technical Guidelines: Detailed technical guidelines are being developed to assist companies and public bodies in complying with accessibility requirements. These guidelines cover aspects such as the design of products and services, staff training and the implementation of assistive technologies.
  • Monitoring and enforcement: Monitoring mechanisms will be established to verify the compliance of companies and public bodies. Competent authorities will be empowered to carry out inspections, assessments and, if necessary, impose sanctions for non-compliance.
  • Business support: The Italian government should also provide support measures for businesses, particularly small and medium-sized enterprises (SMEs), to help them comply with the requirements of the EAA. This may include financing, technical advice and specific training programmes.

These measures are essential to ensure that Italy meets the deadlines set by the directive and that people with disabilities can benefit from a more accessible and inclusive environment.

Zero Knowledge: A Brief Overview and Historical Evolution

/in /by

Zero Knowledge (ZK) is a captivating concept in cryptography that allows one party to prove the truth of a statement to another without giving away any additional information. In today’s world, where data protection is crucial, this technology is becoming increasingly important. Zero Knowledge enables secure authentication and verification processes, making sure that sensitive information stays safe.

The story of Zero Knowledge began in the 1980s. Researchers Shafi Goldwasser, Silvio Micali, and Charles Rackoff introduced Zero Knowledge Proofs (ZKPs) in their groundbreaking paper, “The Knowledge Complexity of Interactive Proof-Systems.” This work set the stage for the advanced cryptographic protocols we see today.

A major breakthrough came with the development of interactive proof systems. These systems allowed a prover to convince a verifier that a statement is true without revealing any extra information. This interaction involves a series of exchanges, after which the verifier can be sure of the statement’s truth based solely on the communication received. This discovery showed the potential of Zero Knowledge Proofs to change the way secure communications and transactions are done.

As technology progressed, non-interactive Zero Knowledge Proofs (NIZKPs) were developed. These proofs don’t need back-and-forth communication between the prover and verifier, making them more practical for real-world use. This evolution has made Zero Knowledge technology more efficient and accessible, leading to its adoption in various sectors.

Today, Zero Knowledge Proofs are essential in blockchain technology, enhancing the security and privacy of transactions. They make it possible to have anonymous and confidential transactions, which are crucial for keeping privacy in decentralized systems. Beyond blockchain, ZKPs are being explored for secure voting systems, identity verification, and other applications where privacy and security are key.

The journey of Zero Knowledge technology shows its big impact on cryptography and its potential to transform many industries. As the digital world continues to evolve, the importance of Zero Knowledge in keeping interactions secure and private will only grow. This innovative tool is set to become even more important in the future of technology and data protection.

What Are Zero Knowledge Proofs? Understanding the Basics

We understood that Zero Knowledge Proofs (ZKPs) are incredibly versatile, finding applications in various aspects of our digital lives.

Let’s see some scenarios:

  • Alice wants to prove to Bob that she has enough funds for a transaction without revealing her actual bank balance. Using ZKPs, Alice can convince Bob that she has sufficient funds without disclosing any specific financial details. This ensures the transaction is secure and private.
  • Now let’s explore an hypothetical digital voting systems. Voters like Alice want to ensure their votes are counted without revealing their choices. With ZKPs, the voting system can verify that Alice’s vote is valid and has been counted correctly, without exposing who she voted for. This maintains the confidentiality of the voting process while ensuring its integrity.
  • Another use case is identity verification. Suppose Alice needs to prove her age to access a service without revealing her exact date of birth. Using ZKPs, Alice can demonstrate that she is over a certain age without disclosing her actual birthdate. This application helps protect personal information while still providing necessary verification.

These scenarios illustrate how ZKPs can provide strong security and privacy protections in everyday situations. By enabling the verification of information without revealing the underlying data, ZKPs are paving the way for more secure and private interactions in various fields.

How Zero Knowledge Proofs Enhance Blockchain Security

As of now, ZKPs have become a cornerstone in blockchain technology, significantly enhancing the security and privacy of transactions. In blockchain networks, maintaining transparency while ensuring privacy is a challenging balance. ZKPs provide an elegant solution to this problem by allowing transactions to be verified without disclosing any sensitive details.

Let’s take smart contracts as an example, self executing scripts in blockchain where the terms of an agreement can be directly written into code. Back to our favorite characters, Alice and Bob might enter into a smart contract where Alice promises to pay Bob if certain conditions are met. Using ZKPs, the contract can verify that the conditions have been met and execute the payment without revealing the specifics of those conditions to the rest of the network. This enhances the privacy and security of smart contracts, making them more robust and trustworthy.

ZKPs also play a crucial role in preventing fraud in blockchain systems. By ensuring that all transactions are valid without revealing unnecessary information, ZKPs make it much harder for malicious actors to manipulate the system. This helps maintain the integrity of the blockchain, which is essential for its function as a secure and decentralized ledger.

As we can see, ZKPs are not just theoretical concepts but practical tools that enhance the security and privacy in decentralized networks. As blockchain continues to grow and evolve, the role of ZKPs in ensuring its security and privacy is becoming and will become even more critical.

Navigating Legal Challenges with Zero Knowledge Technology

Zero Knowledge Proofs (ZKPs) not only revolutionize the technical aspects of data security and privacy but also bring about significant legal implications. As this technology becomes more integrated into various industries, navigating the legal landscape surrounding ZKPs is crucial for compliance and regulatory purposes.

One major legal challenge involves data privacy regulations. Laws like the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) in the United States set stringent requirements for how personal data must be handled and protected. ZKPs can help organizations comply with these regulations by enabling them to verify information without actually collecting or storing personal data. For instance, an organization can use ZKPs to confirm an individual’s age or identity without holding sensitive information, thus reducing the risk of data breaches and ensuring compliance with privacy laws.

Another legal consideration is the use of ZKPs in financial transactions and anti-money laundering (AML) regulations. Financial institutions are required to verify the identity of their clients and monitor transactions for suspicious activity. ZKPs can facilitate these processes by allowing banks to confirm the legitimacy of transactions and the identities of their clients without exposing detailed financial information. This not only enhances privacy for the clients but also helps institutions meet their regulatory obligations more efficiently.

Intellectual property (IP) is another area where ZKPs can have a profound impact. Companies often need to share sensitive information during negotiations, collaborations, or patent applications. Using ZKPs, these companies can prove ownership or the validity of their claims without disclosing the actual details of their intellectual property. This approach can safeguard proprietary information while still enabling necessary verification processes.

Finally, the legal system itself can benefit from ZKPs. In legal disputes, parties may need to prove certain facts without revealing all the underlying evidence, which might be confidential or sensitive. ZKPs can provide a mechanism for such proofs, ensuring that justice is served while maintaining privacy and confidentiality.

As ZKPs continue to be adopted across various sectors, their legal implications will need to be carefully managed. Understanding how to leverage this technology within the bounds of existing laws and regulations will be essential for organizations aiming to harness the full potential of Zero Knowledge Proofs.

Zero Knowledge in Scientific Research: Enhancing Data Privacy

Zero Knowledge Proofs (ZKPs) have significant potential to revolutionize scientific research by enhancing data privacy and security. In an era where data sharing and collaboration are crucial to scientific advancement, ZKPs offer a way to protect sensitive information while still allowing for verification and analysis.

One of the most pressing issues in scientific research is the need to share data without compromising privacy. For example, in medical research, patient data must be kept confidential due to ethical and legal considerations. Researchers can use ZKPs to verify that data meets certain criteria or supports a hypothesis without accessing the actual data. This approach enables collaboration and data sharing while maintaining patient confidentiality and complying with regulations such as HIPAA in the United States.

In another scenario, consider a multi-institutional research project where different teams need to verify the accuracy of each other’s data. Traditionally, this would require sharing the raw data, which could lead to privacy breaches or intellectual property concerns. With ZKPs, each team can prove the validity of their findings without revealing the underlying data. This fosters trust and collaboration among researchers while protecting sensitive information.

ZKPs also play a crucial role in ensuring the integrity of scientific data. By using ZKPs, researchers can prove that their data has not been tampered with and that their findings are based on authentic data sets. This is particularly important in fields like climate science or genomics, where the integrity of data is paramount for reliable results.

Furthermore, ZKPs can facilitate secure peer review processes. Reviewers can verify the authenticity and validity of research findings without gaining access to the proprietary data itself. This can streamline the peer review process, reduce biases, and protect the intellectual property of the researchers.

The use of ZKPs in scientific research is not just about privacy but also about enabling more robust and collaborative scientific endeavors. By allowing for the secure verification of data and findings, ZKPs help ensure that scientific research can advance without compromising the privacy and security of sensitive information.

Recap and Key Takeaways on the Importance of Zero Knowledge

Zero Knowledge Proofs (ZKPs) are transforming the landscape of digital security and privacy across various sectors, from blockchain technology to scientific research. By allowing the verification of information without revealing the underlying data, ZKPs provide an elegant solution to some of the most challenging problems in data protection and privacy.

In the blockchain world, ZKPs enhance the security and privacy of transactions, making it possible to verify transactions and execute smart contracts without exposing sensitive details. This balance between transparency and privacy is crucial for the widespread adoption and trust in decentralized systems.

In the legal realm, ZKPs offer tools for compliance with stringent data privacy regulations and provide new ways to handle sensitive information in legal disputes, financial transactions, and intellectual property protection. These applications highlight how ZKPs can help organizations meet their regulatory obligations while maintaining the privacy and security of their data.

For scientific research, ZKPs enable the secure sharing and verification of data, facilitating collaboration while protecting confidential information. This capability is essential for advancing scientific knowledge without compromising the integrity and privacy of research data.

Looking forward, the role of Zero Knowledge Proofs will only grow as digital interactions become more complex and the need for secure, private verification processes increases. ZKPs are not just a theoretical concept but a practical tool with the potential to transform various industries by enhancing security, privacy, and trust in digital interactions.

In conclusion, Zero Knowledge Proofs represent a significant advancement in cryptography, offering powerful solutions to contemporary challenges in data security and privacy. As technology continues to evolve, ZKPs are poised to play an increasingly vital role in ensuring secure and private digital interactions across a wide range of applications.

Artificial Intelligence Rewrites the Rules in Software Development

/in /by

How advanced algorithms are transforming the software development landscape and redefining the future of the technology industry.

In today’s increasingly digital world, where technology drives progress in every sector, Artificial Intelligence is emerging as the main catalyst for an unprecedented revolution in the software development industry. From machine learning algorithms to advanced recommendation systems, AI is rewriting the rules of the game, leading to a radical change in the way software is designed, developed and managed.

What makes AI technologies so transformative in the context of software development?

The most striking aspect is the ability of AI to automate once tedious and human resource intensive processes. Through machine learning and advanced data analysis, AI algorithms can perform tasks such as automated testing, code generation and performance optimisation, freeing developers from repetitive tasks and allowing them to focus on high value-added activities.

But AI does not stop at simple automation. With its ability to analyse large amounts of data in real time, it can improve software quality by proactively identifying and correcting errors. This means more reliable and robust software, resulting in a better user experience and increased customer confidence.

But there is more. Artificial Intelligence is also changing the way developers make decisions. Through predictive analytics and continuous learning, AI can provide data-driven recommendations for design choices, deployment strategies and product improvements. This not only speeds up the decision-making process, but also makes it more accurate and targeted.

However, with great power also comes great responsibility. The widespread adoption of Artificial Intelligence in the software development process raises a number of challenges and ethical issues. Data security, the risk of algorithmic bias and the impact on user privacy are just some of the issues that require special attention from the technology community.

Despite these challenges, the future of the software development industry looks brighter than ever, thanks to the impetus of the Artificial Intelligence revolution. With its ability to optimise processes, improve software quality and inform smarter decisions, AI promises to radically redefine the technology landscape, paving the way for new frontiers of innovation and growth.

In conclusion, as we prepare to embrace an AI-driven future, it is crucial to address the challenges and responsibilities that accompany this transformation. Only through a responsible and future-oriented approach can we fully exploit the revolutionary potential of Artificial Intelligence in software development and beyond.

Aiternalex is Hiring!

/in /by

Aiternalex is looking for a new resource to integrate into the legal team.

Are you an independent professional with initiative and a solid legal background? Join us!

Position: Legal collaborator with VAT number

Where: Rome; Milan; Naples

Education:

  • Law degree
  • Completed legal practice
  • Law degree or master’s degree not mandatory but considered a plus

Behavioural Skills:

  • Excellent interpersonal skills
  • Flexibility and organisational intelligence
  • Goal orientation
  • Excellent communication and analytical skills, with a broad vision encompassing legal, general, technical, environmental and geopolitical aspects

Technical skills:

  • Research and analysis using advanced digital tools
  • Good computer skills (Office, Google Workspace, email and PEC)
  • Problem-solving in the digital environment
  • Advanced English

Type of Employment:

  • Part-time: Partner support, customer management (Remuneration: €500.00)
  • Full-time: Part-time tasks plus development of an autonomous department (Remuneration: to be defined)

Mode of work: Smart working with monthly days in the office to be agreed upon.

We invite interested candidates to send their CV and a covering letter. Selection will be based on the skills demonstrated during the interview.

Aiternalex is a dynamic environment that values talent and innovation. We look forward to your application! 

Write to us at info@aiternalex.com!

SaaS: Digital Transformation in Software

/in /by

The software industry has witnessed an unprecedented revolution thanks to the innovation of the SaaS model, or Software as a Service. This evolution has radically redefined traditional ways of distributing and managing software, opening the door to a digital world characterised by flexibility, accessibility and innovation. By taking a closer look at the history and developments of SaaS, it is possible to fully understand the extent of this transformation and anticipate its future impact.

From roots to market explosion:

In the early days of the Internet, in the 1990s, the embryonic concept of SaaS was beginning to emerge among the many emerging technological innovations. In those years, software was mainly distributed via physical media such as disks and required complex and expensive installations. However, even then, a futuristic vision could be glimpsed in which software would be delivered as a service accessible from anywhere via a simple Internet connection.

With the advent of the new millennium, SaaS made its triumphant entry onto the digital scene, radically transforming the landscape of the software industry. Companies began offering SaaS services in key areas such as CRM (Customer Relationship Management), HR (Human Resources), and ERP (Enterprise Resource Planning), introducing a new paradigm in software interaction. The promise of flexibility, accessibility and scalability quickly caught the attention of enterprises of all sizes, leading to a rapid adoption and spread of the SaaS model.

However, SaaS has not stopped where it started, but has evolved steadily over the years. This development has been fuelled by the advancement of cloud technologies and the growing demand for customisation and integration. Businesses have begun to demand SaaS solutions that can adapt to their specific needs and integrate effortlessly with existing systems. This growing demand has given rise to an explosion of the SaaS market, with vertical solutions appearing in all sectors, from education to healthcare, from finance to marketing.

A bright future of innovation and adaptation

The future of SaaS looks bright, with a wide range of unexplored possibilities. As technological innovation continues to evolve and business adoption becomes more widespread, SaaS will continue to redefine the way we conceive and use software. Its flexibility, accessibility and ability to adapt to changing market needs make it a driver of digital innovation and a catalyst for business progress.

SaaS represents more than just a software distribution model; it is a transformative force that is shaping the future of the software industry and redefining the rules of the game. It is an exciting journey towards a new digital paradigm, and the companies that fully embrace this transformation will be at the forefront of shaping the future of the digital economy.

The E-Sports Phenomenon

/in /by

A Novelty in the Gaming Industry and in Law

In recent years, e-sports have experienced explosive growth, emerging as a driving force in the e-gaming industry. According to the most recent statistics, the number of spectators and participants in e-sports continues to grow significantly, signalling a radical change in entertainment and consumption habits. In this article, we will explore the e-sports phenomenon, analysing current trends and projecting future economic developments, with a special focus on the Italian legislation regulating this rapidly evolving sector.

Diffusion of E-Sports and Future Economic Developments

According to the latest statistics, e-sports are experiencing unprecedented growth in terms of spectators and participants. In 2023, the global number of e-sports spectators was estimated at over 474 million, with further growth expected in the coming years. This phenomenon does not only affect countries traditionally associated with e-sports, but is spreading all over the world, including Italy, where more and more people are becoming passionate about this form of competitive entertainment.

E-sports are not only a form of entertainment, but also a growing economic market. The e-sports sector is expected to grow exponentially in the coming years due to the sponsorship of new players materially involved in the sporting moment, currently untapped ticket sales for events, future TV rights, and revenues from digital media that for the first time are directly involved in service delivery. In addition, the growing popularity of e-sports is prompting more and more companies to invest in this sector, creating economic opportunities for professional players, event organisers and companies related to the gaming industry.

Overview of Italian E-Sports Legislation

There is currently no specific law regulating e-sports in Italy. The biggest problem is obviously the lack of regulatory qualification of e-sports as a competitive ‘sport’ to allow all operators in the sector to benefit from an administrative and tax regulation of their activities. In fact, this absence has the effect of thwarting the attempts of the administrative bodies involved in the management of these activities, such as CONI. 

However, there are some existing laws and regulations that have implications for this fast-growing sector.

As far as competitions are concerned, e-sports are currently regulated mainly by Article 3 of Presidential Decree 430/2001 which, in a decidedly extensive manner, regulates all ‘prize operations’, stating that ‘Prize operations[…] advertising events that provide for: a) offers of prizes to all those who purchase or sell a certain quantity of products or services and offer documentation thereof by collecting and delivering a certain number of documentary proofs of purchase, also on magnetic media; b) offers of a gift to all those who purchase or sell a certain product or service.” In fact encompassing within a complex administrative process any type of delivery of prizes in any non-commercial form or gift.

There is also specific legislation with provisions regulating the video game industry in general. For example, the law establishes rules for the marketing and distribution of video games, as well as for the protection of minors from inappropriate content. It is also necessary to mention that e-sports involve the use of copyrighted content, such as video games and streaming of games, which are protected by the Italian law on copyright and intellectual property, which protects the rights of authors and creators of content by laying down rules for their legal use 

In addition, the world of e-sports involves many professionals such as players, coaches and event organisers, all of whom are subject to Italian laws on employment relations and contractual matters. Finally, as e-sports often involve the collection and processing of players’ and spectators’ personal data, it is important that e-sports organisations and platforms comply with Italian privacy and data protection laws, such as the GDPR.

Given the ever-evolving nature of e-sports and the related industry, specific laws and regulations are certainly needed to address the unique issues affecting this sector, and Aiternalex is also active in this area to push for regulatory intervention.

The Dawn of Advanced Wearable AI: Navigating Innovation and Compliance

/in /by

Unfolding the Story of Wearable AI

In the rapidly evolving landscape of technological innovation, wearable AI stands as a beacon of progress, marking a notable departure from traditional tech paradigms. This shift reflects a broader trend where technology is evolving from mere functionality to more intuitive, seamless user experiences. Not too long ago, wearable devices were primarily associated with fitness tracking and basic notification management. Today, they are evolving into sophisticated, AI-integrated tools that promise to redefine our daily interactions.

The current market for wearable devices is impressively diverse. It ranges from smartwatches like the Apple Watch, celebrated for their health monitoring capabilities and ecosystem integration, to fitness trackers from brands like Fitbit and Samsung, which cater to health-conscious individuals with features like step counting, heart rate monitoring, and sleep tracking. These devices have laid the groundwork for the next wave of innovation in wearable technology, hinting at a future filled with even more advanced capabilities.

Redefining User Interactions with AI Integration

Looking ahead, the future of wearable AI seems poised to transcend the limitations of current devices. Far more than mere extensions of smartphones or fitness trackers, these advanced devices, akin to those being developed in projects like Humane’s AI Pin, are reimagining human-technology interaction. The concept is fascinating: a device no larger than a pin, equipped with a Snapdragon processor, local storage, a camera sensor, and a suite of other sensors like accelerometers and gyroscopes. This isn’t just a step forward in gadgetry; it’s a leap into a future where technology becomes more intuitive, responsive, and seamlessly integrated into daily life.

The uniqueness of these devices lies in their interaction methods. Moving away from traditional screens and taps, they are embracing voice and gesture control, striving to make communication with technology as natural as interacting with a friend. Some even propose utilizing laser projection systems to display information directly onto surfaces, thus liberating users from the confines of physical screens.

Legal Implications: A Delicate Dance with Data Protection and Privacy

The integration of AI into wearable technology introduces complex challenges in data protection and privacy. These devices, capable of collecting a wealth of personal data, necessitate a balanced approach to comply with stringent data protection laws like the EU’s General Data Protection Regulation (GDPR). Key considerations include user consent, data minimization, and the implementation of robust security measures. The GDPR emphasizes transparency in data handling and the need for strong security to protect sensitive information, especially as these devices frequently handle health-related data. Companies in the wearable AI space must therefore navigate the delicate balance between innovation and legal compliance, ensuring user trust is upheld through responsible data handling and adherence to privacy laws.

The Intersection of Innovation and Responsibility

The wearable AI market is currently at a pivotal juncture, delicately balancing the excitement of technological innovation with the imperative of responsible data management. As these devices become more intertwined with our daily lives, their impact on privacy and data security will be scrutinized increasingly. The future of wearable AI hinges not just on technological advancement but also on ensuring that these advancements are made responsibly. A keen awareness of the legal and ethical responsibilities that accompany these innovations is essential.

The potential for wearable AI to enhance various aspects of life is immense. From health monitoring to augmented reality experiences, these devices can offer unprecedented convenience and insights. However, the journey towards this future is fraught with challenges and responsibilities. Companies venturing into this space must not only focus on the technological marvels they can create but also on how they can do so in a manner that respects privacy, ensures security, and promotes user trust.

In conclusion, the emergence of wearable AI represents a significant milestone in the evolution of technology. It’s a journey that blends the thrill of innovation with the gravity of ethical and legal responsibilities. The path ahead for wearable AI is as much about technological prowess as it is about navigating the complex landscape of data protection and user privacy. As these devices continue to evolve and become more integrated into everyday life, the balance between innovation and compliance will remain a critical focus for the industry.

Agile and Lean Principles: Driving Business Transformation Beyond Software Limits

/in /by

In today’s corporate arena, a significant wave of change known as Agile, which has transcended the boundaries of software development alone, embracing a broad spectrum of sectors with determination and success.

This approach, renowned for its adaptability and agility in meeting customer needs, has recently embraced Lean principles, resulting in a hybridisation that promises to redefine business efficiency and productivity.

The Alchemy between Lean and Agile for Continuous Progress

Combining Lean principles with Agile is a promising combination that harnesses the essence of both methodologies. Lean, with its focus on minimising waste and optimising workflows, merges synergistically with Agile.

This combination has generated concrete solutions, such as the integration of Lean practices like Kanban or Kaizen into Agile methodologies, speeding up the decision-making process and providing more immediate responses to customer requests.

A Revolution Outside Software

The versatility of Agile is not limited to the world of code. Today, business sectors such as marketing, project management and human resources embrace Agile principles.

For example, in marketing, Agile enables a rapid response to market changes by adapting advertising strategies in real time. In the field of resources human resources, the use of Agile methodologies such as Scrum simplifies and accelerates the recruitment process.

The Key to Successful Agile Adoption

Implementing Agile is not just a matter of adopting new tools, but requires a profound cultural change. This transformation implies a shift from rigid hierarchies to more flexible and collaborative structures. Teams that embrace these new dynamics are better able to adapt to change, thanks to the transparency and shared responsibility promoted by Agile methodologies.

Agile, enriched by Lean principles, is redefining the way companies operate. Its adaptability makes it a key resource in many work contexts. However, in order to reap the full benefits of this methodology, a profound cultural change that favours collaboration and innovation. It is only through this change of mindset that organisations can exploit the full potential of Agile and achieve significant competitive advantages.

Contact us for advice

REQUEST INFORMATION

Our newsletters

SUBSCRIBE

IMPRINT

Studio Legale Associato Gaeta Shargool | Email: info@aiternalex.com

Largo dei Chiavari, 82 – 00186 Rome, RM (Italy) | VAT: 16705131007

© 2025 Aiternalex | Powered by ORA Comunica | Privacy Policy | Cookie Policy