DATA PROTECTION, PRIVACY AND SECURITY IN THE CONTEXT OF ARTIFICIAL INTELLIGENCE AND CONVENTIONAL METHODS FOR LAW ENFORCEMENT

Abstract

Unlike conventional methods and technologies of collecting, processing and analysing the personal data of natural persons as part of law enforcement activities, the broader use of different artificial intelligence methods brings into focus the need for specific rules regulating the application of various artificial intelligence methods to protect two independent fundamental rights as regulated by EU Charter of Fundamental Rights, Art. 7 and 8 – data protection and privacy. Privacy, the protection of personal data and the security of their processing and transmission within law enforcement activities, whether it is non-automated, partially or fully automated, is prescribed by Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data. When considering personal data protection in the context of Directive 2016/680 it is referred to the protection of information on the confirmed identity of a natural person (data protection) and the protection of all information by which identity can be confirmed (privacy). Thus, this information should not be part of the defined personal data category, and all methods and technologies that can be used for direct and indirect confirmation of the identity of a natural person should be taken into account. The paper aims to determine whether there is relationship between privacy and security and whether there are differences in the personal data collection, processing and analysis methods by law enforcement authorities, when used methods are conventional or artificial intelligence. The first hypothesis emphasises causality between privacy and security when collecting, processing and analysing their personal data by conventional methods and artificial intelligence methods for law enforcement purposes. The second hypothesis implies a statistically significant difference in making personal data available to law-enforcement bodies in cases they are collected, processed and analysed by conventional methods and in cases they are collected, processed or analysed by artificial intelligence methods. The methods used are: descriptive method for describing the process of collecting, processing and analysing personal data in law enforcement activities, as well as for describing the differences between conventional and artificial intelligence methods and evaluating hypotheses; induction for creating hypothesis; deduction for observing specific relations; content analysis and synthesis in the evaluation phase; survey method; statistical and comparative method in the testing phase and for determining the compliance with the hypotheses.