Legal definition – Privacy and open data provision
(interpretation of legal norm that underlies this analysis)
The analysis is based on the EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the General Data Protection Regulation, hereinafter referred to as the “Regulation” or “GDPR”). It is a directly applicable standard in all EU Member States and is a means of pan-European reform of the data protection system.
The Regulation offers a very broad definition of the term “personal data” (hereinafter “PD”), which is crucial, as it determines whether the legal framework for the protection of personal data will be applied in the present case. It involves “all information about an identified or identifiable person”, who is labelled as a “data subject”. An identifiable person is a person that can be directly or indirectly identified.
Indirect identification is when it is necessary to add a context in the form of additional information to the information in question. Personal data then involves both of these types of information. Context and the ability to create it are, therefore, an essential attribute in determining whether the information is considered to be personal data. It does not matter whether the controller of personal data (i.e. the person who determines the purpose of the processing, or where the purpose and means of such processing are determined by law, and is primarily responsible for the processing) has, in fact, all the information necessary for indirect identification. In any case, it is personal data.
The Regulation allows the processing of personal data when it is used “solely for journalistic purposes, or for the purposes of academic, artistic or literary expression”. In accordance with the decision-making practice of the Court of Justice of the European Union it must, therefore, be considered that this purpose of processing personal data, which is necessary for the exercise of the right to freedom of expression (in particular journalistic, academic and artistic), must be interpreted broadly.
Therefore, in determining whether the given information is personal data, it is necessary to take into account the level of risk of its use for identification in relation to the level of effort and cost involved in identifying a publicly active person. The basic rules defined for the creation and operation of TRACO AI are:
- Gathered data is not publicly provided, either individually or as a whole
- The personal information provided cannot harm or discredit a private person
- Processing is necessary for the legitimate interests of the Controller
- Processing does not apply to persons requiring the protection of personal data, especially if the data subject is a child
Definition of the terms:
Controller – Any natural or legal person, public authority, agency or other body, which determines the purposes and means of the processing of personal data, and is primarily responsible for the processing. The controller processes personal data for purposes arising from its activities (e.g. statutory obligations, contracts), but may also process personal data for its own intended purposes, e.g. for its legitimate interests, provided these interests do not exceed the interest in the protection of fundamental rights and freedoms of natural persons.
Processor – Any natural or legal person, public authority, agency or other body that the controller hires to carry out processing operations with personal data for them. In the course of an activity for the controller, it may carry out only such processing operations with personal data that the controller entrusts to him or that arise from the activity to which the processor has been authorized by the controller.
Objectives of TRACO AI system creation:
- streamline digital archives containing large amounts of videos, movies and photos,
- identify persons in the above-mentioned archives,
- quickly identify persons in sports or other events,
- save manual work of description and subtitle creation,
- reduce errors in the preparation of “lower third” titles,
- reduce time to process news reports.
Principles applied in the development and operation of TRACO AI SW
The application is based on the basic principles of the Regulation (GDPR). The individual principles are:
- lawfulness, fairness, transparency – the controller must process personal data for at least one legal reason and in a manner that is transparent and fair towards the data subject,
- purpose limitation – personal data must be collected for specified and legitimate purposes and must not be processed in a way incompatible with those purposes,
- data minimization – personal data must be adequate and relevant to the purpose for which they are processed,
- accuracy – personal data must be accurate,
- storage limitation – personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed,
- integrity and confidentiality – technical and organizational security of personal data
Individual principles are developed in Article 5 (1) of the Regulation.
The result of the analysis in terms of storage security and data protection
Given the need to define who the Controller and the Processor are when handling the TRACO AI system, the following points were used as the basis for the subsequent division of roles:
- the TRACO AI system is located only on the device of a User (Controller),
- the scope of data collection and processing is performed under the full control of the User (Controller),
- the system contains all possibilities of fulfilling the rights related to the protection of PD (including deletion of all records of a specific person),
- the right and the scope of technical intervention in the system is granted by the User, that is, the Controller,
- TRACO AI system collects and stores basic publicly accessible data:
  - name, surname,
  - political affiliation,
  - job or political position,
  - start date of political office, if appropriate,
  - end date of political office.
- The biometric data is stored as a 128-dimensional vector (pseudonymisation); associating it with a private person requires an index binding number and the second database of persons.
- Data is presented only to internal systems; the system does not cooperate with external applications or systems that the user would not know about.
- TRACO AI system contains a complete way of controlling individual data accesses – full personification.
- TRACO AI system uses a full logging system to record the work of authorized persons.
- TRACO AI system cannot create any bulk data export that could be used to harm a private person.
In order to assess the readiness of the TRACO AI system, two basic questions need to be asked:
- Is the system ready for GDPR, thus fully protecting the PD of individuals?
Based on a review of the TRACO AI system and the way it works with data, it can be declared that the system is fully prepared to work with data in full compliance with the Regulation on personal data protection of individuals and groups of persons. The system has basic features for the protection of PD:
- data minimization – the system uses a minimum amount of PD for data collection, archives only data necessary for journalistic purposes,
- unnecessary PD removal,
- reading, creation, change, and deletion of selected persons’ PD,
- change of access rights to PD,
- access control – users, application roles, data encryption
The application is not accessible from another system; the data is stored in a local database.
The PD is automatically collected, manually corrected and deleted.
The system allows for automatic liquidation of the PD after the purpose of processing has expired.
The system contains logs or a security surveillance system covering the work of specific persons.
The application does not have an integrated system of PD exports.
- Is the compliance of the information system with GDPR a responsibility of the customer or the IS supplier?
- The TRACO AI system is primarily the responsibility of the Controller. According to GDPR Article 4, the Controller determines the purpose and means of the processing of personal data (PD). Therefore, the Controller is also responsible for the access of individual persons. In this case, the Controller’s role is performed by the Customer, who has full control over the collection, processing and handling of the data.
- TRACO SYSTEMS Inc. does not process PD (searching, logging,…) according to Article 4 of GDPR, but it is responsible for PD within the scope of the contract or other legal act concluded between the Controller and the Processor according to GDPR Article 28. TRACO SYSTEMS Inc. is in the role of the Processor only if it directly ensures the operation of the IS or performs the agreed maintenance with the work on the PD. The definition of the scope of data handling, in this case, is always up to the User (Controller), who decides on the need to manage the data as a whole or to work on individual-specific data.
- The IS supplier, which does not have access to the PD stored in the IS or does not ensure the operation of the IS itself, is not in the position of the Processor and, therefore, has no legal responsibility under GDPR.
In case of a concluded maintenance contract, we advise the user to request the signature of a contract on the processing of personal data to the extent of the required work.
On behalf of AGILO.CZ s.r.o.
Ing. Miroslav SUCHEL
Personal Data Protection Officer
Huťská 366, Kladno 272 01