public safety by design Mireille Hildebrandt Science Faculty Radboud University Nijmegen Faculty Law amp Criminology Vrije Universiteit Brussel 17 May 2016 Public Safety amp Legal Certainty by Design ID: 529881
Download Presentation The PPT/PDF document "legal certainty and" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
legal certainty and public safety by design
Mireille HildebrandtScience Faculty, Radboud University NijmegenFaculty Law & Criminology, Vrije Universiteit Brussel
17 May 2016
Public Safety & Legal Certainty by Design
1Slide2
17 May 2016
Public Safety & Legal Certainty by Design2Slide3
safety, security, certainty
safety: against natural causes (physical)resilience, vulnerabilitysecurity: against attacks (physical, cyber)malware, vulerability, terrorist attackscertainty: level of foresight (expectations)
foreseeability, monitoring, analysis
17 May 2016
Public Safety & Legal Certainty by Design
3Slide4
public safety & security, legal certaintypublic safety & security:
safeguarding against major disruptions that affect everyone’s expectations, that create uncertainty, thus reducing capabilities to plan aheadgenerating societal trust & resiliencelegal certainty: having a fair idea of the legal effect of one’s actions (duty to compensate, being subject to fines or punishment, being subject to investigations) knowing how one can create obligations and hold others to account, and how one is protected against violations of one’s fundamental rights
strong relationship with trust
17 May 2016
Public Safety & Legal Certainty by Design
4Slide5
‘by design’ in a data-driven environmentpublic safety & security by design: integrating requirements into data-driven applications and infrastructure that enables
to foresee disasters develop effective responses to reduce impact, to provide emergency relief, follow up and to develop learning mechanisms to confront future disasterslegal certainty by design?
confidentiality, integrity (& availability) of cyberphysical
infrastructures integration of data protection into data-driven applications and infrastructures involved in public safety operations
17 May 2016
Public Safety & Legal Certainty by Design
5Slide6
emergency relief follow up post-hoc analysis, accountability, learning
17 May 2016Public Safety & Legal Certainty by Design6Slide7
‘social’ (what’s up?)ethical (what should be done? justice without legal certainty)ethics is more and less than law
legal (enforceable standards, norms, legitimate expectations)law is more and less than ethics17 May 2016Public Safety & Legal Certainty by Design
7Slide8
emergency relief (vital interests of individuals and groups)follow up (vital interests, public interest task or official authority)post-hoc analysis, accountability, learning
17 May 2016Public Safety & Legal Certainty by Design
8Slide9
post-hoc analysisDeveloping a framework of analysis, reconfiguring risk-analyses, predicting and/or pre-empting similar disasterssocial:
developing sustainable and resilient response mechanisms to prevent of cope with future disasters; long term follow-up of victims, failing infrastructureethical: connect with the victims, respect them as persons, enable to restore dignity and enable them to develop a new life, assess potential discrimination and lack of due process, false accusations (scapegoat mechanisms)legal: shift towards other legal grounds, further purposes, make sure data is deleted, anonymised or properly pseudonymised (the latter requires ground & purpose)
17 May 2016
Public Safety & Legal Certainty by Design
9Slide10
legal certaintyThree critical data protection issues:purpose limitation = trust that data will not be used against one in another contextdata minimisation (pseudonymisation
) = trust that no unnecessary risks are takenprofile transparency for analyticsa fair idea of how one may be targeteddetection of potential biasempowering constructive distrust and contestation
17 May 2016
Public Safety & Legal Certainty by Design
10Slide11
posthoc analysis: legal
Legal conditions for fair and lawful processing of personal data:Purpose (repurposing of emergengy & follow-up and other data, to predict e.g. crowd behaviours) Data
minimisation (select before and while you collect; pseudonymise; restrict access; separate research access from operational access; develop and implement data life-cycle management also for this phase)
17 May 2016
Public Safety & Legal Certainty by Design
11Slide12
posthoc analysis: legal
lean and agile computing in Machine Learning (ML):volume, accuracy, correctness, completeness, relevance of datasetbe aware of ‘low hanging fruit’, big but irrelevant data, bad cleansingbias in the dataset will return in the output: no free lunch (Wolpert
)accuracy, correctness and relevance of the algorithms
always check different types of algorithms to prevent spurious correlationsbias in the algorithms will return in the output: no free lunch (
Wolpert
)
accuracy, correctness and relevance of the output
mathematical
&
empirical
software
verification
17 May 2016
Public Safety & Legal Certainty by Design
12Slide13
posthoc analysis: legal
lean and agile computing in Machine Learning:check the trade-offs between speed, accuracy, relevancea data is a trace of or a representation of the ‘real’, it is not the ‘real’select before and while you collectconfigure the purpose between data scientist and domain expert
from ‘predict crowd behaviours’ to ‘predict behaviour of surgeons after power cut in hospital’
17 May 2016
Public Safety & Legal Certainty by Design
13Slide14
post-hoc analysis: legalprofile transparency:
existence of automated decisions based on profilingcomprehensible information about the logic of processingenvisaged consequences of application of profilingmake ML applications testable and contestable:requirement of methodological integrityrequirement of the Rule of Law
17 May 2016
Public Safety & Legal Certainty by Design
14Slide15
the legal and the ethical?the legal after the ethical: people do not agree on what is right or justlaw enables to provide agreed-upon standards, especially when we do not agree
the ethical after the legal:law should create the level playing field that allows actors to act ethicallywithout fear of being pushed out of the marketethical concern cannot be enforced but must be enabled17 May 2016
Public Safety & Legal Certainty by Design
15Slide16
the end
17 May 2016Public Safety & Legal Certainty by Design16Slide17
legal certainty by designData Protection Impact Assessment (what risks for fundamental rights?)Data Protection by Design (requirements for compliant data collection and analytics)
ensure having a valid legal groundpurpose limitationdata minimisation (pseudonymisation)profile transparency for analytics17 May 2016
Public Safety & Legal Certainty by Design
17Slide18
Data Protection Impact Assessementwhich personal data?
location datatime stampshealth data victims (data on harm suffered)health data victims (electronic patient files)identification data victimsidentification data family & otherssocial graphs (twitter, FB, etc.)IoT data (smart car, smart home, smart office, clothing, fitness)
17 May 2016
Public Safety & Legal Certainty by Design
18Slide19
Data Protection Impact Assessementpurpose(s) PPDR
immediate: relief, saving livesfollow-up: organisational streamlining, health, prevention additonial harm/damage, de-escalationlong term resilience: risk-analysis, preventative & mitigation measures, scientific & statistical researchnecessary for the original purpose? if not, for compatible purpose? if not, delete, or process on new ground for new purposere-use?
pseudonymise if you cannot anonymiseopen data? anonymise!
17 May 2016
Public Safety & Legal Certainty by Design
19