Wifi4EU - broken by technical specification

Little Detritus

Playlists: '35C3-chaoswest' videos starting here / audio / related events

With the Wifi4EU programm the EU is planning to spend 100 million € by 2020 to subsidise a centralized surveillance infrastructure for centers of public life in the EU.
The talk will lay out how Wifi4EU is supposed to work both administratively and technically, where there are problems with the later and what is and can be done about it.

Slides: https://zenodo.org/record/2527538#.XCUXplxKjIU

With the [Wifi4EU programm [1]](https://www.wifi4eu.eu/) the EU is planning to subsidies the installation of free Wi-Fi with 120 million € until 2020. The installations are planned to be "... free of charge, free of advertising and free from commercial re-use of data. ..." [[2]](http://europa.eu/rapid/press-release_IP-18-2065_en.htm) and aim "... to equip every European village and every city with free wireless internet access around the main centres of public life. ..." [[1]](https://www.wifi4eu.eu/)

Unfortunately the technical specifications implemented in the first call on the 7th - 9th of November [[3]](https://ec.europa.eu/digital-single-market/en/news/preliminary-results-1st-wifi4eu-call) tell a different story. So far 42 Million € are planned to be spend in a flawed design.

Amongst other problems they include:

* requirements for a centralized authentification infrastructure - like eduroam [[4]](https://ec.europa.eu/digital-single-market/en/faq/wifi4eu-questions-and-answers) (FAQ 23),
* inherent IT security problems - embedded snippets in the captive portals [[4]](https://ec.europa.eu/digital-single-market/en/faq/wifi4eu-questions-and-answers) (FAQ 26) and
* proprietary standards - hotspot 2.0. [[4]](https://ec.europa.eu/digital-single-market/en/faq/wifi4eu-questions-and-answers) (FAQ 27)

Following a talk at the wireless community weekend in May this year [[5]](https://www.youtube.com/watch?v=YbPpK8_X9Qg) the talk will include:

* a short introduction to the programm,
* how it came to be,
* what happend so far
* the implications of the programm
* what can be done to fix things.

Besides contacting the european comission, several members of the european parlament and Klaus Landefeld of the eco [[6]](https://international.eco.de/people/klaus-landefeld/) we were able to get members of the german Bundestag to get interested in the issue [[7]](https://twitter.com/jimmyschulz/status/1060210780992356352). This led to a "schriftliche Anfrage" towards the Bundesregierung regarding the GDPR compliance of the authentification infrastructure, the situation is currently evolving.

The talk aims to inform about the current state of affairs and hoefully foster a discussion during the congress what can and should be done to prohibit the creation of yet another surveillance infrastructure and what a desirable public Wi-Fi infrastructure should look like.