Don’t Spy EU - About the campaign
Hermes Center for Transparency and Digital Human Rights, along with fellow nonprofits The Good Lobby Italy and info.nodes (we), first launched a campaign called Don’t Spy On Us EU in March 2023.
The campaign’s early phase was about encouraging the general public to challenge the Members of European Parliament who were involved in the EU Artificial Intelligence Act negotiations and supported biometric surveillance. On the old version of our website, users could scan politicians’ faces with a face recognition algorithm.
Now we are proud to announce the launch of Don’t Spy EU, our new campaign, on a brand new website. The goal remains the same, that is, to show how, by using publicly-available technology, governments and private companies could potentially access sensitive information about citizens (age, gender, even emotional state) and use it as they please – should Remote Biometric Identification (RBI) ever become legal in the EU.
But wait, isn’t a ban on RBI already in place?
And didn’t the AI Act’s draft include a total ban, initially? Well, the General Data Protection Regulation (GDPR) does include a ban on biometric identification. However, when the AI Act becomes effective, RBI systems will be subject mainly to that law, since their software employs Artificial Intelligence.
Like many other nonprofit organizations all over the continent, we are deeply concerned about the trajectory the AI Act is taking.
We’re talking about a major body of legislation, a heavy bulk of norms regulating AI (or attempting to do so) that’s set to be enacted in 2025, eventually becoming the first of its kind at the global level – and, let’s not forget, an important precedent for non-EU countries.
As we write (October 2023), dozens of fellow digital rights organizations have already flagged several loopholes in the AI Act, beginning with the very definition of RBI technology. This meticulously-written joint statement by EDRi (European Digital Rights initiative) details the threats posed by the current versions of Article 3(36) and Article 5(1)(d), along with recommendations by civil society on how to make sure people’s fundamental rights are protected.
Yes, RBI might be banned… but with some exceptions
As of now, predictive policing tools, real-time remote face recognition and biometric identification in public spaces are forbidden, and the AI Act’s current version maintains this ban as well.
However, exceptions will be granted for ex-post technologies employed in the prosecution of serious crimes and under judicial authorization; law enforcement will also be able to use predictive policing algorithms that analyse personal data in order to identify potential future offenders. And who gets to determine who could turn into an “offender”?
Great question that remains unanswered, just like questions/doubts regarding predictive AI tools employed at the EU border – tools whose rollout phase is currently underway in some cases (see EU MigraTool ).
Don’t Spy EU – Founding organizations
Hermes Center is a nonprofit organization focusing on the protection of digital rights. HC team is based in Milan, Italy and combines technical expertise and advocacy skills to influence the political debate. In Europe, HC works in collaboration with EDRi , and in the rest of the “Connected World” they’ve co-produced the following projects: GlobaLeaks , OONI , ProTecht , ReclaimYourFace , and Makhno .
The Good Lobby is a nonprofit organization committed to making our society more democratic, united and equitable. TGL is a people’s movement that believes that every citizen can mobilize to defend the interests of their community. TGL intends to positively influence decision-making processes by lobbying politicians, public officials and anyone in positions of power to protect all citizens’ rights, especially of the weakest and most marginalized.
info.nodes is a nonprofit organization that supports journalists and activists in carrying out their important job, which is, to expose the truth and promote effective social change. Info.nodes also publishes italian magazine Marla .
Challenging RBI since 2020 — what led us here
We targeted all MEPs
We face-scanned 500+ politicians’ faces . This first phase came to an end when the European Parliament released a draft of the AI Act that we partially approved of. Goal achieved? Not yet.
European surveillance lobbies pushing forward
The forces pushing for face recognition technologies in Italy flexed their muscles
Whether it was because of the 2024 Olympics in France or for other unclear security reasons, we saw a push from the Italian government to deploy smart surveillance cameras in public spaces. This, after the privacy authorities prevented the usage of scraped pictures.
Clearview AI fined for GDPR violations
A well-known abuser of face recognition technologies was fined because of GDPR violations
Regulatory authorities in Italy, France, UK and Greece fined for millions of euros Clearview.AI, a tool that scrapes online pictures to store individual profiles. The Data Protection Authority decided that this violated GDPR rules.
Reclaim Your Face campaign· Europe
A signature collection to ban Face Recognition (Remote Biometric Identification, RBI) in the EU
Together with other nonprofits, we ran a campaign called _Reclaim Your Face- and collected signatures to push the European Parliament to ban face recognition! Despite collecting 250.000+ signatures , our efforts didn’t stop there.