In the complex and fragmented spectrum of personal data protection, biometric data represent one of the most challenging issues. On one hand, because, as will be discussed below, they represent data that allow for precise and unique identification of individuals. On the other hand, because they offer vast opportunities in many sectors, including in relation to the recognition of minors (and their protection) for accessing internet services. There is another aspect that raises concerns, namely the use of biometric data for the purpose of citizens’ recognition by public authorities. Dystopian scenarios that link the needs of public security with the legitimate expectations of individuals not to be constantly monitored in their movements in public spaces. This paper aims at investigating the regulations regarding biometrics in the General Data Protection Regulation (EU Regulation No. 2016/679 – GDPR), and then analysing the rules of the AI Act (in the currently available version, the text of which is not yet finalised). These rules have been applied in the compliance activities within the Arcadian project, funded under the Horizon2020 measure of the European Commission: the legal activity carried out has allowed, in particular, to examine the rules on biometrics and personal data applied to the research project pilots and the guidelines provided in this context.

Use of Biometric Data in research activity. The solution adopted by the Arcadian Project

Giovanni Maria Riccio
2024-01-01

Abstract

In the complex and fragmented spectrum of personal data protection, biometric data represent one of the most challenging issues. On one hand, because, as will be discussed below, they represent data that allow for precise and unique identification of individuals. On the other hand, because they offer vast opportunities in many sectors, including in relation to the recognition of minors (and their protection) for accessing internet services. There is another aspect that raises concerns, namely the use of biometric data for the purpose of citizens’ recognition by public authorities. Dystopian scenarios that link the needs of public security with the legitimate expectations of individuals not to be constantly monitored in their movements in public spaces. This paper aims at investigating the regulations regarding biometrics in the General Data Protection Regulation (EU Regulation No. 2016/679 – GDPR), and then analysing the rules of the AI Act (in the currently available version, the text of which is not yet finalised). These rules have been applied in the compliance activities within the Arcadian project, funded under the Horizon2020 measure of the European Commission: the legal activity carried out has allowed, in particular, to examine the rules on biometrics and personal data applied to the research project pilots and the guidelines provided in this context.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11386/4860675
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact