Title: PRIVACY ASPECTS

Profiling technologies need a seamless, unobtrusive ‘flow’ of personal data. In this report several options are considered to store and/or process these data with the end user (chapter ) instead of storing them in distributed networked systems or central databases, as this may violate privacy (rights) or create the risk of abuse.

Proliferation of personal data facilitates the construction of group profiles, as described in section and of different personalised profiles of the same physical person, depending on the role this person plays in a specific context. Access to either the data and/or the dynamic profiles of a specific individual could lead to the construction of a complex and comprehensive profile that may seem to describe the ‘reality’ of the profiled individual. In combination with advanced personalised services, this comprehensive, real time, dynamic, profile would basically infer future behaviour from past behaviour. Could it be that targeted services and adaptive environments lead to a person living - in a sense - in a sophisticated and comfortable cage? If group profiles are integrated with personalised profiles the tendency to normalise those that did not fit the group profile in the first place into behaviour that fits the profiles. The point is that the end user that is the target of all this enhanced servicing seems to be made transparent to an extent that was previously unthinkable. This transparency of the end user to the data user (the service provider, or some government agency that is interested in profiling the individual to prevent crime, illegal immigration, health risks, terrorism, or tax evasion) contrasts starkly to the invisibility of the process of profiling and its end results. Even if data protection legislation would be effective, such that end users have access to their data and are empowered to correct or delete them, the sheer amount of data and profiles seems to make any significant access an illusion.

The problem in terms of privacy is the grip data controllers may have on the unconscious behavioural patterns that steer an individual as these could be used to modify or manipulate her future behaviour. So, while AmI is ‘sold’ as a technology that will empower citizens to participate in public and private life to a much higher degree, it may well provide - at the same time - the tools to steer this participation to a previously unknown extent. The challenge will be to envisage technological design and legal regulation that can prevent such personal transparency and/or bring it under the control of the end user.