Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- D7.2: Descriptive analysis and inventory of profiling practices.
- D7.3: Report on Actual and Possible Profiling Techniques in the Field of Ambient Intelligence.
- D7.4: Implications of profiling practices on democracy.
- D7.6 Workshop on AmI, Profiling and RFID.
- D7.7: RFID, Profiling, and AmI.
- D7.8: Workshop on Ambient Law.
- D7.9: A Vision of Ambient Law.
- D7.10: Multidisciplinary literature selection, with Wiki discussion forum on Profiling, AmI, RFID, Biometrics and Identity.
- D7.11: Kick-off Workshop on biometric behavioural profiling and Transparency Enhancing Technologies.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
 |
Title: LEGAL ISSUES |
 |
Introduction
In FIDIS deliverable 7.2, the concept of group profiling has been described as the process of constructing profiles (correlated data), that identify and represent a group/category/cluster.
The application of a group profile is described as the identification and representation of a person as a member of a specific group/category/cluster. Identification in this case does not mean discriminating a person from all other persons, but rather focuses on identifying a person with (as part of) a certain group/category/cluster of persons.
In the case that a group profile is applied to a member of the group, this group profile can either be applied to an identifiable person, or - in the case of anonymity or pseudonymity - to a non-identifiable person.
Personalised profiling is described as the process of constructing profiles (correlated data) that identify and represent a person. When applied, the profile identifies and represents a person as a specific person. The set of correlated data that identify and represent a person as this specific person does not imply that the person is identifiable in the sense of a unique identifier. If the person uses pseudonyms, he or she can be identified as the same person per context, without necessarily linking this specific person to the physical person.
In this chapter, we will pay special attention to group profiling since there is some legal uncertainty regarding the applicability of data protection legislation that is only applicable to personal data relating to identified or identifiable natural persons. As will be indicated, even though personalised profiling seems to fall within the scope of data protection legislation by its very nature, it is still possible to make personalised profiles without identifying the person in the sense of the directive.
The legal analysis in this chapter will be built upon the different steps that can be differentiated in the construction and the application of profiles. Each step will be subject to an analysis of laws and regulations on the EU level. The described laws and regulations are not only privacy and data protection law, but also others such as e-commerce and consumer protection law. These laws contain provisions that may be applicable to profiling in AmI.
The three steps of profiling that we follow are:
The collection of personal data and of other information to construct the (group) profile. With collection we also mean the storage and aggregation, i.e. the systematic storage and re-organisation of personal data and of other information to make the data and information accessible (section )
The construction of (group) profiles, including making the personal data anonymous (section ).
The application of the (group) profile in an AmI environment (section ).
| |
   |
|
| 26 / 62 |
