A physicist and mathematician, Eviatar Matania splits his teaching schedule between Oxford and Tel Aviv University. A former head of the Israeli National Cyber Directorate under Benjamin Netanyahu, he has published widely on issues of cybersecurity and artificial intelligence.
Matania, 56, sat down for an interview with EL PAÍS while visiting Madrid for a conference.
Question. Is privacy dead?
Answer. In China, the social credit system already works by which citizens receive a score based on their [digital] behavior: if they consume pornography, points are deducted. If they buy things online for children, they receive points, because they’re supposedly being responsible. In addition, [people] live with cameras in the streets. If you don’t behave well there, it will be very difficult for you to leave the country, get an apartment or get permits for so many things.
I see the threats that hang over privacy from cyberspace… giants like Google or governments know more about you than ever before. But I also see people trying to defend their privacy. If we look at what the European Union or academic foundations are doing, we see that a battle over privacy is being waged. Of course, the [younger generations] perceive privacy very differently. They display everything online… they enjoy doing it! Because of this, the key will not only be what we do to defend our privacy, but also how the new generations perceive privacy and defend human rights.
Q. How can we make sure that we govern technology, without letting it govern us?
A. Education is key. Finland has understood the threat to democracy that Russia exercises from the web… the country has begun to educate students about how to be good internet users. Our parents taught us to be careful on the street, to cross safely, things like that… but they wouldn’t know what to teach us about cyberspace! The Finns are doing that now,
building awareness about privacy, democracy and human rights, while distinguishing the most objective news from fake news.
Only after education can we talk about regulation. I am very much not in favor of strict regulation, but I am in favor of codes of good practice and of recommendations that will unleash competition between companies to defend privacy and rights. If we combine education, awareness and regulation, we can achieve good results.
Q. Do you sleep with your mobile phone on the nightstand? Aren’t you afraid of being hacked?
A. Nope! Precisely because I know technology so well, I know what can and cannot be achieved. I know that, if a high-level cyber attacker really wants to get all the information about you and be on your phone, he will be able to do it. But most of the time, that’s not the case. If you know how to behave with your mobile and your computer, you generally will not be the target. No one is going to take pictures of you while you sleep. Many people are paranoid.
Q. Pedro Sánchez’s cell phone was recently hacked by the Pegasus system, sold by Israel to Morocco.
A. He’s the Prime Minister.
Q. What did he do wrong?
A. When we talk about presidents, ministers or senior officials, we do have to be careful, because they are usually the targets [of cyber attacks]. Most of us aren’t so interesting. The leader of a country should be more careful than the average person.
Q. Do you understand why the EU restricts Pegasus?
A. Yes, I get it. Although, it’s a little strange. Let’s think about Spain for a moment. It’s one of the major arms exporters. And not only to the European Union… Spain exports weapons to Morocco, Saudi Arabia and other countries. And weapons kill people: look at what is happening in Ukraine. People are not dying from cyber warfare, but from missiles. Cyber espionage, however, does not kill people. So, if we’re talking about exporting things, weapons are much more debatable.
Q. You mentioned Ukraine. The big surprise was that we expected a cyberwar, but instead, we now see tanks and missiles.
A. Artillery, artillery, artillery killing people! Yes, that’s what happened.
Q. Were you surprised?
A. I was not surprised. What is interesting is that Ukraine has managed to stop Russia’s conventional warfare thanks to advanced technology.
In response to your question, I wasn’t surprised for one reason: cyber warfare still doesn’t have the capacity of conventional warfare. It just hasn’t gotten there yet.
There’s a second reason: Russia does not use cyber warfare “instead of” conventional forces, but “with” them, hand-in-hand. The day before the invasion, Putin launched some cyberattacks, like someone who carries out airstrikes before entering with tanks.
A decade ago, people believed that it was really difficult to defend a country from cyberattacks. But there has been a lot of investment in defensive cybersecurity. And, once the business world gets involved, technological solutions begin to improve and those who know how to use them defend themselves better. Today, things are more balanced.
Q. To what extent has cyber defense been key for Ukraine?
A. Microsoft has declared that the war front runs through its headquarters in Redmond, Washington. A global technology company is defending Ukraine… this is something we have not seen in other wars, a large corporation that is so much stronger than many states. This is also the first time that you see tech giants not only motivated by economic interests, but also beginning to become political actors.
Microsoft has had an ambassador to the United Nations since 2020. He sits at tables where cyberspace issues are debated. Giants like Google, Apple, Microsoft, Amazon or Ali Baba have become political actors. The fact that Microsoft defends Ukraine and hosts all of its government’s information in the Microsoft Cloud is astounding. The tech giants are becoming big players… in a decade, you’ll see them in the command room.
Q. Is there a danger to this?
A. It’s too early to say. There is a constant fight between Silicon Valley and Washington DC, between tech CEOs and politicians. You don’t want technology to decide things for you in a democratic country… you prefer to do it through politics. But there are people who prefer Apple to defend them instead of a senator.
Q. The conclusion is that states are weaker than companies…
A. Some states are weaker than companies. Spain or Italy alone are weak… but the EU, as a whole, is very strong in terms of data protection and regulatory standards.
Q. Who are the superpowers of the cyber age?
A. The US, Russia and China are the cyber superpowers from a military standpoint. Far behind are the United Kingdom and France. But there is another interesting race – not from a military point of view, but from a data point of view – in which the players are the United States, China and the EU. Not Russia, by no means is Russia a player in the economic-technological race for artificial intelligence.
The US and China are competing to see who will be the best developer of artificial intelligence. EU countries, meanwhile, are constantly searching for how to best use these technologies. For example, Finland says: “We cannot compete with the US or China in the development of AI… but we will be the best customers. We will educate our population in the use of the new data language, to achieve a better economy and well-being.”
Q. What is the most important lesson you teach your students?
A. The most important thing I try to convey is that we live in the age of technology. It influences our lives, society, economy and national security like never before. We need people to understand it and develop insights. Now, one doesn’t necessarily need to work in the field… but they need to know how to use technology and how to behave when they’re using it. It will be top of mind for the next decade or two.
Q. The main lesson, then, is not a technological lesson, but a human one.
Q. Is espionage easier now than it was in the Cold War?
A. It’s not that it’s easier, just different. During the Cold War, human intelligence was used. Today, most intelligence is gathered through cyberspace, but you still have to analyze the data. Sometimes it’s easier and sometimes it’s not.
Q. What’s the most surprising cyberattack you’ve ever seen?
A. I don’t know if it was surprising, but the most interesting was the Petya virus, which started in Ukraine and quickly became a worldwide problem. It was very sophisticated:
Western companies accidentally spread it through their servers and suffered global losses. In that attack, we saw how quickly a local tech issue can become global.
Q. How do you teach people to distinguish fake news from real news?
A. One of the fights of the future will be over the truth. We will see the ability to build another truth – to show a video with your words and your language saying something that you have not said. We are only at the beginning of this phenomenon.
The more you read – the more different sources you try to understand – the better position you will be in to differentiate the true from the false. And narrative will also be key. You can build a narrative to achieve a change of position. In other words, it’s not just about truths or lies, but also about stories.
Q. Before we wrap up… what do you think about cryptocurrencies?
A. I don’t have a strong opinion on the subject.
Sign up for our weekly newsletter to get more English-language news coverage from EL PAÍS USA Edition