Table of Contents 

Executive Summary

This is the report of the Kick-off Workshop on Behavioural Biometric Profiling and Transparency Enhancing Tools, held at the Vrije Universiteit Brussel at 21.02.2008.  This fourth workshop of WP 7 was organized as a kick off meeting to prepare for the report D7.12 on Behavioural Biometric Profiling, to be submitted in month 54 of the project (November 2008).  

Note: This section is mandatory for all deliverable and should help to get an overview of the topics covered in the document.

Preparation of Deliverable D7.12

In the following sections we give an overview of the subjects discussed during the workshop , of the suggested structure of the report, the timetable, editors and internal review. 

1. First of all, an adequate working definition of Behavioural Biometric Profiling is needed. Especially the difference between BBP and physical biometrics must be clarified as well as the difference between BBP and non-biometric behavioural profiling (e.g. transactional profiling). A Wiki page is created to discuss and to define suitable definition(s) of Behavioural Biometric Profiling and to develop further relevant distinctions.

A similar wiki is created to clarify the concept of TETs (which refers to both legal and to technological transparency enhancing tools). Both wikis can inform the Identity WIKI of WP2. 

1. Second, it would be interesting to include in the deliverable cases that function as examples of potential BBPs (like driver fatigue detection, key stroke analysis etc.), and to develop scenarios for these examples of BBP which demonstrate the potential implications of BBP. This should also clarify the need for TETs.  

2. Third, the social implications of the usage of BBP needs to be assessed, building on the scenarios, existing literature and further exploration of the findings of workpackage 7. Vulnerabilities must be detected as well as the way in which BBProfiling differs from other types of profiling. 

3. Fourth, the existing legal framework must be assessed in terms of its adequacy to deal with specific threats of BBP usage.  

4. Fifth, an analysis must be made of the extent to which present legal and technological TETs can provide an adequate response to increased reliance on BBP in online and AmI environments. For this we can partly rely on work done within other FIDIS deliverables, notably D7.9. 

Proposal for a structure of the report

Based on the discussions of the workshop the following general outline is proposed, to be further elaborated in the coming months.  

Chapter 1: Introducing BBP and TETs (All partners)

What is BBP? (working definition; difference with physical biometric profiling and with non-biometric behavioural profiling; enabling technologies, like online profiling and sensor technologies; BBP as a species of profiling and data mining; role of interpretation; measures for reliability; objective of BBP either identification in broad or narrow sense; applications online and offline; relevance for AmI and the Internet of Things; potential threats) 

What are TETs? (working definition; relationship to PETs; relationship between legal and technological TETs; Ambient Law; examples) 

What is the link between BBP and TETs? (first assessment of  

Driver Fatigue Detection System (Hildebrandt, VUB) [reference to technical description including reliability; scenario highlighting potential threats] 

Web Proiling (Benoist, VIP) [reference to technical description including reliability; scenario highlighting potential threats] 

Gait? Emotion-detection? (Andronikou, ICCS) [reference to technical description including reliability; scenario highlighting potential threats] 

Autonomy threats  

Social sorting  

Privacy 

Security 

Relationship with invisible visibility, impact of group profiling 

Summary of findings within D7.3/7/9. 

Privacy 

Data Protection 

Anti-Discrimination 

Issues: consent, conflict with intellectual property rights and trade secrets 

Chapter 5: The role of TETs in the case of BBP (KAU, ICPP, TUD, ICRI, VUB)

Existing technological TETs, a subset of PETs (reference to D7.9 and other deliverables, PRIME) (KAU, ICPP, TUD) 

Existing legal TETs, within the framework of data protection (reference to chapter 3) (ICRI, VUB) 

Envisioned technological TETs, not focused on transparency of the processing of ones personal data but on access to applicable profiles (ICCS?VUB? KAU?ICCP?TUD?)

Envisioned legal TETs, not focused on transparency of the processing of personal data but on access to applicable profiles (VUB, ICRI). 

Chapter 6: Conclusions

Editors, internal reviewers and time table

The report will be edited by Mireille Hildebrandt (VUB). Claudia Diaz (ICRI) will be invited to take care of the internal FIDIS review; the second reviewer will be invited at a later stage.  

The following time table is proposed (dates are dealines): 

1. April 1, 2008        elaboration on the wiki – to be continued during whole writing             process, agreement on structure and respective contributions

2. May 1, 2008        first version contributors

3. June 1, 2008         comments editor

4. July 1, 2008         final version contributors

5. August 1, 2008    final version report; internal review

6. September 1, 2008     comments internal reviewers

7. October 1, 2008    off to the Commission

Participants

Participants 

1. Hans Hedbom             KAU

2. Simone Fischer-Huebner        KAU

3. Els Kindt                ICRI

4. Stefan Berthold            TUD

5. Emmanuel Benoist             VIP

6. Hildebrandt Mireille            VUB

7. Niels Van Dijk             VUB

8. Els Soenens                 VUB

Absent 

1. Vassiliki Andronoukou         ICCS

2. Bart Custers                TILT

3. Marit Hansen                 ICCP

Program

8.45: Welcome and Coffee in room 4B302

9.00: Session 1: introduction and general discussions

1. 9.00-10.30: ‘BBP and TETs’. Introduction by Mireille Hildebrandt (VUB)  

2. 10.30-12.00: Discussion of definitions, applications, reliability and risks of BBP and TETs, as well as the relationship between the two. 

12.00: Lunch at ‘Quartier Latin’

13.30: Start Session 2: Presentations and discussions about the presentations

1. 13.30-14.15: ‘Transparency and Privacy’ by Simone Fischer-Huebner and Hans Hedbom (KAU)

2. 14.15-15.00: ‘Technological aspects of BBP and TETs’ by Stefan Berthold (TUD)  

3. 15.00-15.45: ‘Behavioural Biometrics for indentification on the Web’ by Emmanuel Benoist (VIP)  

4. 15.45-16.00: Coffee Break 

5. 16.00-16.45: ‘Legal aspects of Behavioural Biometric Profiling’ by Els Kindt (ICRI)

17.30: End of the workshop

Annex I: Slides of the presentations

All slides are available on the internal portal, WP 7 section of the filemanager.

Slides of the presentations

‘Transparency and Privacy’. Presentation by Simone Fischer-Huebner and Hans Hedbom (KAU)

We refer to the internal portal filemanager section: http://internal.fidis.net/fileadmin/fidis/workpackages/wp7/Workshop_on_BBP_and_TETs/TUD_S_Berthold.pdf 

‘Behavioural Biometrics for indentification on the Web’. Presentation by Emmanuel Benoist (VIP)

We refer to the internal portal filemanager section: http://internal.fidis.net/fileadmin/fidis/workpackages/wp7/Workshop_on_BBP_and_TETs/VIP_slidesEmmanuel.pdf‘Legal aspects of Behavioural Biometric Profiling’. Presentation by Els Kindt (ICRI)

Slides of participants who could not attend the workshop 

Proposed contribution of TILT. Slides of Bart Custers (TILT)

BBP and TETS. Slides of Vassiliki Andronoukou (ICCS)