Week 5 - Privacy And Data Protection Law

Question 1

Smart city =

Answer 1

An infrastructure framework that addresses the growing urbanization challenges by embracing integrated and automated information and communication technologies to help optimize all city operations, help achieve sustainability goals and better quality of life for its citizens.

Question 2

API =

Answer 2

Application programming interfaces. These are a vital component of smart city development. They allow users to connect directly to the data they need without repeatedly searching through the huge volume that is produced. APIs can also help connect data and devices together to create a unique, shared information system that smart city services can be built on.

Question 3

What is a key challenge of smart cities?

Answer 3

The need to process extremely large amounts of complex and geographically distributed sources of data (citizens, traffic, vehicles, city infrastructures, IoT devices etc.) combined with the additional need to deal with this information in real time.

Question 4

What was held in the so-called SyRI judgement?

Answer 4

The district court of the Hague held that a controversial automated welfare-fraud detection system, which allows the linking and analyzing of data from an array of government agencies to generate fraud-risk reports on people, violated the right to private life, guaranteed under Article 8 of the European Convention on Human Rights (ECHR). One of the first times an ADM system being used by welfare authorities has been halted based on Article 8 of the ECHR.

Question 5

Why do the impacts of systems such as SyRI on human rights need to be carefully and continuously evaluated?

Answer 5

Because more and more decisions affecting daily lives of individuals are being automated

Question 6

What does the use of systems such as SyRI involve?

Answer 6

The processing of vast quantities of data from numerous sources, and using predictive analysis to foresee risk, automate decision-making and remove discretion from human decision makers.

Question 7

Why was SyRI criticised?

Answer 7

Because of its lack of transparency, the fact that it was used exclusively in areas with a high proportion of low-income residents, migrants and ethnic minorities, had hugely negative impact on the right of poor individuals without according them due process and as such, was labelled as an implementation of a surveillance state for the poor.

Question 8

Which array of rights and freedoms can ADM systems impact upon?

Answer 8

The right to a fair trial and due process, the rights to private life, freedom of expression, freedom of assembly, the right to an effective remedy, and the prohibition of discrimination.

Question 9

What does an interference with private life need to adhere to in order to be consistent with Article 8 ECHR?

Answer 9

It must be in accordance with law, pursue a legitimate aim, and necessary in a democratic society

Question 10

What does Article 22(1) GDPR say?

Answer 10

This article provides that data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affect them.

Question 11

Define profiling?

Answer 11

Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

Question 12

Which exceptions does Article 22(2) GDPR contain to the prohibition on ADM and profiling?

Answer 12

Incl. when it is authorized by national law, which lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests. It should be allowed where it is authorized by national law, including for fraud and tax evasion monitoring and prevention purposes.

Question 13

What was recommended as solutions for ADM systems after SyRI?

Answer 13

• ADM systems should be subject to strict control criteria in terms of security, transparency, accountability, non-discrimination, and social responsibility
• there should be safeguards, including meaningful human supervision, transparency and the possibility to contest a decision
• there was a call for explainability of algorithms, transparency and regulatory oversight when AI is used by public authorities, and for impact assessments to be conducted before tools using AI technologies are deployed by state authorities

Question 14

Live facial recognition technology =

Answer 14

When footage obtained from video cameras (CCTV) is compared with images in databases

Question 15

How are people’s facial images categorized and recognized by EU law?

Answer 15

As sensitive data and a form of biometric data.

Question 16

Which are the concerns of facial recognition technology?

Answer 16

1. Easy to capture
2. Unawareness of being captured
3. High risk of errors, especially for minority groups

Question 17

Which fundamental rights are affected by facial recognition technology?

Answer 17

Among others; human dignity, the right to respect for private life, the protection of personal data, non-discrimination, the right of the child and the elderly, the rights of people with disabilities, the freedom of assembly and association, the freedom of expression, the right to good administration, and the right to an effective remedy and to a fair trial.

Question 18

Chilling effect =

Answer 18

When the use of (for example) facial recognition technology has a negative impact on the freedom of assembly by making people fear that this technology will be used to identify them.

Question 19

How will the curtailing of privacy by processing large amount of personal data (including in particular individual faces) ultimately affect the functioning of democracy?

Answer 19

Due to privacy being a core value inherent to a liberal democratic and pluralist society, and a cornerstone for the enjoyment of fundamental rights.

Question 20

Define biometric data?

Answer 20

Personal data resulting from specific technical processing relating to the physical, physiological or behavioral characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic (fingerprint) data.

Question 21

Which two categories of information are recognized as biometric data under EU data protection law?

Answer 21

1. Physical/ physiological characteristics, which pertain to bodily characteristics such as facial features, fingerprints, retina and iris characteristics, digital facial images and;
2. Behavioral characteristics, like deeply ingrained habits, actions, personality traits, addictions, etc. this includes behavioral characteristics that could permit the unique identification of a person such as a hand-written signature, or a way of walking or moving.

Question 22

What distinction does recital 51 of the GDPR make between the legal nature of simple photographs and biometric facial images?

Answer 22

The definition of biometric data applies to photographs only when these are processed through specific technical means allowing the unique identification or authentication of a natural person.

Question 23

Which are the special categories of personal data?

Answer 23

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person’s sex life or sexual orientation.

Question 24

Verification (one-to-one comparison)?

Answer 24

It enables the comparison of two biometric templates, usually assumed to belong to the same individual. Verification does not demand that the biometric features be deposited in a central database

Question 25

Identification (one-to-many comparison)?

Answer 25

Identification means that the template of a person’s facial image is compared to many other templates stored in a database to find out if his or her image is stored there. Sometimes images are checked against databases, where it is known that the reference person is in the database (closed-set identification), and sometimes, where this is not known (open-set identification). Live facial recognition technologies are more likely to result in false matches as compared to facial images taken in a controlled environment, such as a border crossing point or a police station.

Question 26

Categorisation (matching general characteristics)?

Answer 26

Categorisations means that the technology is not used to identify or match individuals, but only characteristics of individuals, which do not necessarily allow for identification.

Question 27

Spoofing =

Answer 27

Fake face images

Question 28

False positive =

Answer 28

When an image is falsely matched to another image on the watchlist.

Question 29

False negative =

Answer 29

Those who are deemed not to be matches (i.e. not on the watchlist), but in fact are matches.

Question 30

Which 3 important considerations do we need to keep in minding when discussing error rates?

Answer 30

1. An algorithm never returns a definitive result, but only probabilities (%)
2. As a consequence, there is always a trade-off between false positives and false negatives because of the decision on a probability threshold. If the threshold is higher, false positives will decrease, but false negatives will increase, and the other way around.
3. The rates need to be evaluated with the quantities of real cases in mind.

Question 31

Which factors influence the quality of facial images?

Answer 31

These include background and object occlusion, illumination and light reflection, ergonomics, age, aging, gender, skin colour and skin conditions

Question 32

In the case of law of the ECtHR which elements have been identified when determining whether a measure is necessary in a democratic society?

Answer 32

The interference needs to correspond to a pressing social need, must be proportionate, and that the reasons given to justify the interference must be relevant and sufficient.

Question 33

Function creep =

Answer 33

The personal data (the facial images) may be used for purposes that were not initially envisaged

Question 34

Phenotypical characteristics =

Answer 34

I.e. the expression of genes in an observable way such as hair or skin color which might influence the outcome of biometric matching in facial recognition systems.

Question 35

Both privacy and data protection are so-called qualified or non-absolute rights, what does this mean?

Answer 35

This means they can be restricted if certain requisites are respected, and that they must be balanced with other human rights, freedoms, or with protected interests of the state.

Question 36

Which two main criteria are used to determine whether personal data processing infringes on private life, family life, home or correspondence by the ECtHR?

Answer 36

1. Whether the data pertains to one of those four dimensions, based on the very nature of this data; and
2. How pervasive and extensive the processing was