Glossary

Algorithm Algorithmic decision-making Anonymization Artificial Intelligence (AI) Bias Big data Biometrics Computer Application Computer Information System Controller of the data file Data Data Destruction

Data File Data mining Data Protection and Transparency Commissioner for the Geneva Canton Deep learning Federal Data Protection and Information Commissioner Geolocation Information Information and communication technologies (ICTs) Information System Intelligence Internet of Things (IoT) Machine learning Metadata Official Documents

Personal Data Personal data processing Principles as far as data protection is concerned Processing of personal data Recommendation Sensitive data Video surveillance

 

Algorithm

A set of step-by-step instructions for solving a problem (Negnevitsky, 2011).

Algorithmic decision-making

A form of decision-making based on outputs from algorithms (Andersen, 2018).

Anonymization

The process of irreversibly removing personal identifiers, direct and indirect, which may lead to an individual being identified (Article 29 Data Protection Working Party, 2014).

Artificial Intelligence (AI)

While there is no one single definition of ‘artificial intelligence’ (AI), this publication tends to define AI as an ensemble of advanced ICTs that enable “machines capable of imitating certain functionalities of human intelligence, including such features as perception, learning, reasoning, problem solving, language interaction, and even pro-ducing creative work” (COMEST, 2019).

 

Bias

An inclination or prejudice for or against a person or group, especially in a way that is considered to be unfair (societal definition); the difference between the estimated—or predicted—value and the true value – in other words, the difference between what a system predicts and what actually happens (statistical definition) (Andersen, 2018).

Big data

Datasets that are too large or complex for traditional data processing software to ana-lyze (Andersen, 2018). Most AI systems rely on the collection, processing and sharing of such big data in order to perform their functions.

Biometrics

Analysis of the physiological and behavioural characteristics of a person such as the voice, face shape, iris, fingerprints, and signature ... in principle unique and unforgeable (Greek etymology: bios - "life") and metron - "measure"). These can be expressed differently depending on the context, the most common are defined below [1]

• Biometric characteristics, the measurable physiological or behavioural characteristics of an individual.
• Biometric data, biometric data raw or derived.
• Raw biometric data or a biometric sample,
  physical or digital representation of a biometric characteristic, obtained during the biometric enrolment.
• Biometric data derived or a biometric template, a digital reference composed of different characteristics extracted from raw biometric data, and used  by biometric authentication systems
• Biometric enrolment, the initial process of collecting biometric data of an individual and saving this as biometric data reference.
• Biometric identification, the process of comparison (1: n) of a biometric test with a set of biometric data reference stored in a database, in order to determine who is the data subject.
• Biometric authentication system, a system that carries out an automated recognition (identification or verification) of individuals based on their biometric characteristics.
• Biometric authentication technologies: A technology used to identify or verify a claimed identity, they are based on the analysis of physiological characteristics (something you are; passive biometrics) or behavioural characteristics (something you do; active biometrics ) of an individual, including face shape, the handwritten signature, fingerprint, voice print, the shape of the hand, gait, iris, typing (keystroke), the venous network of the hand or finger.
• Biometric verification (authentication), the comparison process (1:1) of a biometric test with  biometric data reference in order to verify if the person is who she/he claims to be.

Computer Application

A tool which allows to perform a number of tasks on the data.

Computer System

Computer and telecommunication means that allows for the storage, the processing, the transportation and destruction of data.

Controller of the data file

A private person or federal or cantonal bodies who decide on the purpose and contents of the data file, and who is responsible.

Data

Conventional representation of information (fact, notion, work order) in the form of (analogue or digital) for automatic processing. A basic element which, when added to others or the process applied to it, biometric information, is obtained. See Biometrics.

Data destruction

For data entered or captured (see video surveillance) and saved in a computer system, all  technical action making the data completely and permanently inaccessible (deleting, overwriting, ...). The physical destruction of data deletes the data from the hard disk where they are found while the logical destruction makes them inaccessible.

Data File

Any system designed to bring together, on any medium whatsoever, personal data structured in such a way that the data is accessible by data subject. See Controller of the data file.

Data mining

Extraction of information and knowledge from data. Also, the exploration and analy-sis of large amounts of data in order to discover meaningful patterns and rules. The ultimate goal of data mining is to discover information and knowledge (Negnevitsky, 2011).

Data Protection and Transparency Commissioner for the Geneva Canton

Responsible for the monitoring of the application of the Geneva law on public information, access to documents and protection of personal data (LIPAD) by cantonal and local public and para-public institutions, as well as private organisations linked by a service contract to one or another of these.

Deep learning

This technique enables a machine to independently recognize complex variations. An example is automated scouring and classifying of millions of images picked from the Internet that have not been comprehensively labelled by humans. The result of a combination of learning algorithms and formal neural networks and the use of mas-sive amounts of data, deep learning powers AI (UNESCO, 2018d).

Federal Data Protection and Information Commissioner

Responsible for the monitoring of the application by private individuals and federal bodies of the Federal Act on Data Protection (FADP) and other federal provisions concerning data protection, and for the monitoring of the application by federal bodies of the Freedom of Information Act (FoIA) [2].

Geolocation

Location from an object space located on the surface of the Earth. GPS: location system which allows to know the position of a mobile by means of a signal receiver transmitted by a network of satellites, this receiver also .

Information

Information about something or someone. Result of a request of one or more information systems that is intelligible, coherent and usable by others.

Information and communication technologies (ICTs)

Diverse set of technological tools and resources used to transmit, store, create, share or exchange information. These technological tools and resources include software, computers, the Internet (websites, blogs and emails), live broadcasting technologies (radio, television and webcasting), recorded broadcasting technologies (podcasting, audio and video players and storage devices) and telephony (fixed or mobile, satel-lite, visio/video-conferencing, etc.) (UNESCO Institute of Statistics, 2019).

Information System

Organized set of resources (human, information, data, procedures, tools) to acquire, store, organize and communicate information from a public operating range in the form of digital data or text, images and sound data.

Intelligence

The ability to learn and understand, to define problems and to make decisions tosolve them. A machine is thought to be intelligent if it can achieve human-level per-formance in some cognitive task (Negnevitsky, 2011).

Internet of Things (IoT)

A global infrastructure that enables advanced services by interconnecting (physical and digital) things based on existing and evolving interoperable information and com-munication technologies (ITU, 2012).

Machine learning

An adaptive mechanism that enables computers to learn from experience, learn by example and learn by analogy. Learning capabilities improve the performance of an intelligent system over time. Machine learning is the basis of systems that can adapt their response continuously (Negnevitsky, 2011).

Metadata

Data used to define, contextualize or characterize data (CoE, 2018).

Official Document

All data information mediums owned by a public authority with information concerning the completion of a public task. These include, in particular, the messages (for emails, printing), reports, studies, approved minutes, statistics, records, correspondence, instructions, notices, decisions. Personal notes, rough drafts and other uncompleted texts, unapproved minutes are excluded.

Personal Data

Any information relating to a natural or legal person, identified or identifiable.

Personal data processing

Any operation or set of operations performed using automated processes and ap-plied to personal data or sets of data, such as collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, commu-nication by transmission, dissemination or any other form of making available, linking or interconnection, limitation, erasure or destruction (CoE, 2018).

Principles with regards to Protection of data [3]

• Legality: the processing of personal data must not violate the law and must be based on a legal basis, or on the consent or on an overriding public or private interest.
• Good faith: the data should not in principle be collected and processed without the knowledge of the data subject or against her/his will. They should not be collected by intentional deception;
• Proportionality: the processing of personal data must be necessary, adequate and the least intrusive as possible;
• Purpose: Personal data shall be processed for the purposes indicated at the time of collection, which is provided for by the law or due to circumstances;
• Accuracy: the person who processes the personal data must ensure that they are correct and, if necessary,  take any adequate measures to update the data, in particular to delete or rectify any inaccurate or incomplete data;
• Security: Personal data must be protected against any unauthorised processing, through adequate technical and organisational measures;
• Transparency of the collection: the collection of personal data and its purpose must be recognisable to the data subject.

Processing of personal data

Any operation with personal data, irrespective of the means applied and the procedure, and in particular the collection, storage, use, revision, disclosure, archiving or destruction of data.

Recommendation

In this tool, the recommendations contained at the bottom of scenarios are tips on the steps to take, or the behaviour to adopt to comply with the rules of data protection and transparency.

Sensitive data

Personal data on religious, philosophical, political, trade-union or cultural opinions or activities, health, intimate sphere, on ethnicity or race, on welfare measures, on prosecution or penal or administrative sanctions.

Video surveillance

A collection, whether open or not, using cameras of pictures and information about people, in the form of video recordings