Automated recognition of individuals and/or pre-determined traits or risk factors/criteria lies at the basis of smart surveillance systems. Yet new EU regulations and specifically those on information sharing between police and security forces explicitly prohibit automated decision-taking regarding individuals unless “authorised by a law which also lays down measures to safeguard the data subject’s legitimate interests” (Art 7, CFD 2008/977/JHA). Which laws are applicable in this context? What measures are envisioned? What else should the law contain? Can the laws be technology-neutral but sector specific, thus permitting a measured approach to the appropriateness of smart surveillance technologies in key security applications? Can they be extended to all security applications of smart surveillance, even those not covered by CFD 2008/977/JHA?
The SMART project addresses these and other questions through a comprehensive approach which combines a technical review of key application areas by sector with a review of existing pertinent legislation to then produce a set of guidelines and a model law compliant with CFD 2008/977/JHA and EU Directive 46/95.