Online police patrols in the form of digital roBOTs to detect possible child abuse. And a new type of facial recognition that will be more privacy-friendly than existing biometric methods. These are the headlines for two new projects selected for the Norwegian Data Protection Authority’s AI sandbox.
Both projects delve deeply into areas that the Data Protection Agency and society in general need a lot of knowledge and openness about. Both projects have the potential to be both demanding and exciting,” says Veronica Jarnskjold Buer, Head of Department at the Norwegian Data Protection Authority.
Digital patrolling
PrevBOT is a collaboration between the Norwegian Police University College and the University of Agder. It is a concept for a tool for patrolling on open social media, with the aim of preventing sexual abuse of children. The AI-based bot will be able to map behaviour that indicates a risk of sexual abuse, and it will be able to point out social arenas that are worth paying extra attention to. It will be able to identify grooming conversations by analysing language, and it will be able to predict the age and gender of those involved.
“The project is groundbreaking work, and we lack good examples to draw on. It involves law enforcement and is sensitive in many ways. Exploring the project in the sandbox is in practice probably a give or take for the project,” says Inger Marie Sunde, professor at the research department at the Norwegian Police University College.
The overall purpose is to prevent sexual abuse of children. But is it possible to achieve this with PrevBOT within existing laws and ethical guidelines? Is it technologically possible to get the bot to patrol with sufficient precision? And will it require a debate on how we should and will use new technology?
“For those of us who work in the field of data protection, the index finger reflex automatically twitches. That’s precisely why it’s extra exciting to go into this project with an open mind, and see whether this is something that can be achieved without conflicting with privacy,” says Buer.
Privacy-friendly face
In the second project, the start-up company Mobai wants to give privacy-friendly facial recognition a face. It is no secret that both the Norwegian and European data protection authorities believe that facial recognition – and especially facial recognition in combination with artificial intelligent analysis – is a demanding and challenging topic with high risk.
“Whether this initiative can be the key to privacy-friendly innovation is an exciting potential,” says Buer.
“For us, it is crucial to discuss the use of biometrics with the Norwegian Data Protection Authority, so that we can develop a secure and privacy-friendly solution for facial verification as a measure against increased fraud,” says Brage Strand, CEO of Mobai.
Mobai is backed by solid expertise from several organisations. The team includes BankID, Sparebank1 Østlandet, NTNU and the Centre for IT and IP Law at the University of Leuven in Belgium. They want to look at how to implement facial recognition in a more secure way that also gives the user more control. The solution should make it possible to use facial recognition for easier and more secure authentication of users of banking services, thereby reducing the risk of fraud and abuse.
Important sandbox projects
As always in the sandbox, there is a short time from admission to start-up. Around the same time as spring blooms, the constructive, dialogue-based guidance in the sandbox starts. At Mobai, Strand is most excited about whether they have prepared well enough to be able to present the project in a simple and understandable way.
“And not least, we look forward to good discussions about the challenges and opportunities together with the Norwegian Data Protection Authority,” he says.
Mr Buer, Director of the Norwegian Data Protection Authority, does not hide the fact that both projects have elements that can challenge the privacy of individuals in society.
“And that is precisely why these are extremely important projects. It is great that Mobai and the Police University College/UiA have applied to the sandbox. This is how we can achieve privacy-friendly innovation together,” says Buer.
She points out that in the sandbox, the Data Protection Authority is freer to explore boundaries and be constructive on behalf of privacy, because the sandbox process is not about handing out stamps of approval to projects. This makes it easier to be open about what is challenging, and the process is more educational for all parties.
To those who may have privacy concerns: Don’t worry, we enter the project with an open mind. To the participating organisations: Relax, we meet with an open mind.
https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/to-nye-prosjekt-i-sandkassa/