Minimisation of Incidental Findings, and Residual Risks for Security Compliance: the SPIRIT Project
Paper presented at TERECOM-2018 and AICOL-2018. JURIX-2018, the 31st international conference on Legal Knowledge and Information Systems, Groningen, The Netherlands, December 12, 2018.
This paper introduces the policy for minimisation of incidental findings and residual risks of the SPIRIT Project. SPIRIT is a EU H2020 Security project, aimed at browsing relevant sources, including the socalled “dark web”. It proposes a semantically rich sense-making set of tools aimed at detecting identity fraud patterns. It provides “Technologies
for prevention, investigation, and mitigation in the context of fight against crime and terrorism” for the use of LEAs in Europe. According to GDPR, some protections must be put in place. We explain how we planned and designed them. Specifically, we turned incidental findings into an incidental risks policy, planned a risk mitigation strategy (ongoing privacy
preserving algorithm development), and set a dynamic DPIA.
In 2018 the Member States of the European Union joined forces with Europol and its institutional partners to fight organised crime groups active in the ten priority crime areas which fall under the European multidisciplinary platform against criminal threats (EMPACT). The outcomes of the Joint Action Days exemplify the tremendous impact that they had on some of the EU’s most threatening organised crime groups.