Garante per la protezione dei dati personali (Italy) - 9977020

From GDPRhub
Garante per la protezione dei dati personali - 9977020
LogoIT.png
Authority: Garante per la protezione dei dati personali (Italy)
Jurisdiction: Italy
Relevant Law: Article 5(1)(a) GDPR
Article 6 GDPR
Article 9 GDPR
Article 10 GDPR
Article 13 GDPR
Article 14 GDPR
Article 35 GDPR
Article 83 GDPR
Type: Investigation
Outcome: Violation Found
Started:
Decided: 11.01.2024
Published: 25.01.2024
Fine: 50,000 EUR
Parties: Comune di Trento
National Case Number/Name: 9977020
European Case Law Identifier: n/a
Appeal: n/a
Original Language(s): Italian
Original Source: gpdp.it (in IT)
Initial Contributor: co

The Italian DPA imposed a fine in the amount of €50,000 on the municipality of Trento for making use of AI systems of surveillance for scientific research in violation of several GDPR provisions.

English Summary[edit | edit source]

Facts[edit | edit source]

The Italian DPA received the news about a new AI-driven surveillance system implemented by the municipality of Trento, the controller, with the support of FBK, a research foundation. In the context of a social experiment, the controller allowed the deployment of three projects, “Marvel” and “Protector”, concluded by now, and “Precrisis” still to be activated, using AI systems that were developed by the foundation in order to collect data from public areas in the municipality by means of videocameras and microphones that could serve the aim of preventing potential situations of danger to the public.

Upon learning about these facts, the DPA initiated an investigation into the processing operations related to the above mentioned projects by the controller and asked it to provide further information.

Among other things, the controller specified that the projects were EU-funded and provided details about the technical functioning of each of them. In particular, “Marvel” is aimed at developing an automated system analysing real-time audiovisual scenes in order to detect urban security issues. The foundation has access to the recordings of the public cameras in the municipality, which are instantly anonymized and analysed in the workstations of the foundation. The “Protector” project instead is aimed at improving security around places of worship, especially against the risk of hate crimes and terror attacks. The platform acquires video data from cameras present in the areas around places of worship and textual data derived from social media hate comments which are then elaborated by an AI system in order to detect possible relevant risks. Here too, the foundation has real-time access to the recordings which are instantly anonymized. Lastly, as regards the “Precrisis” project, the controller submitted that this has not been implemented yet but will be activated soon, upon adopting the necessary measures for ensuring compliance with the GDPR.

Further, the controller submitted, with regard to all three projects, that the legal basis for such processing is Article 6(1)(e) GDPR and the controller referred to Italian Law n. 38/2009 that grants competence to municipalities to adopt video-surveillance systems to improve urban security and to Regional Law of 3 May 2018, granting the municipality generic competence on the development of social, cultural and economic projects. Further, the controller claimed that since the projects are still in their development stage, the provisions of the GDPR would only start applying when these are activated. Moreover, the controller added that such research projects would also be carried out in line with the provision in Article 89 GDPR. Last, the controller submitted that it nominated the research foundation as a processor under Article 28 GDPR for the future processing of personal data that will take place once the projects are activated.

The DPA responded to these and further submissions by the controller stating that it would start proceedings aimed at the adoption of corrective measures against the controller for unlawful processing activities.

Holding[edit | edit source]

Following an extensive investigation, the DPA came to its conclusions regarding the processing of personal data by the controller.

The DPA found, with respect to the first two projects, that, even though the projects were experimental and no data was being used for actual crime prevention purposes, the controller was still carrying out processing of personal data relating to criminal conviction and offences under Article 10 GDPR. In fact, the algorithms were trained on data collected from the cameras already present in the territory of the municipality with the aim of detecting and documenting criminal activity and might thus include the processing of videos recording criminal activities. Further, the DPA did not believe that the controller could claim in good faith that no actual processing was being carried out yet because the projects were still experimental, as the controller itself indicated the roles, purposes and legal basis for such processing. The DPA also confirmed the municipality's role as a controller and the fact that it may be subject to the imposition of a fine, even if certain activities were carried out by a processor on its behalf, making reference to C-683/21.

The DPA then assessed the anonymization techniques in place. The controller submitted that it adopted anonymization techniques right after collecting the data: the alteration of voice sounds in the voice recordings and the blurring of people’s faces in the videos. The DPA found these techniques to be inadequate as they did not guarantee a full anonymization of the personal data collected. Also, with respect to the data collected from social media platforms, the data were merely pseudonymysed and did not anonymized, as the controller claimed, hence their processing had to be compliant with the GDPR.

Furthermore, the DPA found that the data was being processed contrary to the principles of lawfulness, fairness and transparency under Article 5(1)(a) GDPR.

As regards the principle of lawfulness, the DPA considered that the Regional Law granting the municipality generic competence on the development of social, cultural and economic projects identified by the controller cannot constitute a valid legal basis in line with Article 6(1)(e) GDPR, Article 6(2) and (3) GDPR nor with Article 9(2)(g) GDPR. Making reference to case law of the CJEU and of the ECtHR and taking into account Article 52(1) CFREU, the DPA held that, for processing to be based on a law, the law itself must provide for specific rules on the scope and limits to the processing operations and the processing must be reasonably expected by the data subjects. Similarly, the DPA held that the controller could not justify the processing on the basis of Law n. 38/2009 on urban security which allows the use of cameras for the sole purpose of contrasting and preventing crime and could not be relied on for further processing. Also with respect to the controller’s defence that Article 89 GDPR could apply to the processing operations, the DPA held that the controller as a municipality failed to prove that it is to be considered a research institute. In light of this, the DPA also considered that the sharing of poorly anonymized or pseudonymized personal data to the processor occurred in violation of Article 5(1)(a) GDPR and lacked a legal basis. Hence, so the DPA, the controller acted in violation of Articles 5, 6, 9 and 10 GDPR.

As regards transparency, the DPA held that the controller violated Article 13(1)(c) and (e) GDPR, Article 13(2)(a), (b) and (d) and Article 14 GDPR as it failed to properly provide information about the processing operations.

Lastly, the DPA also held that the controller violated Article 35 GDPR as it failed to properly carry out a DPIA and it should have also considered consulting the DPA prior to processing according to Article 36 GDPR, as the case involved large scale public surveillance.

In light of the above findings and considering the provision in Article 83(2) and (3) GDPR, the DPA held that it was appropriate to impose a fine in the amount of €50,000 on the controller.

Comment[edit | edit source]

Share your comments here!

Further Resources[edit | edit source]

Share blogs or news articles here!

English Machine Translation of the Decision[edit | edit source]

The decision below is a machine translation of the Italian original. Please refer to the Italian original for more details.

SEE ALSO Press release of 25 January 2024



[doc. web no. 9977020]

Provision of 11 January 2024

Register of measures
n. 5 of 11 January 2024

THE GUARANTOR FOR THE PROTECTION OF PERSONAL DATA

IN today's meeting, which was attended by prof. Pasquale Stanzione, president, Prof. Ginevra Cerrina Feroni, vice-president, Dr. Agostino Ghiglia and the lawyer. Guido Scorza, members and the councilor. Fabio Mattei, general secretary;

HAVING REGARD to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, relating to the protection of natural persons with regard to the processing of personal data, as well as the free movement of such data and which repeals Directive 95/46/ EC, “General Data Protection Regulation” (hereinafter, “Regulation”);

HAVING REGARD TO Legislative Decree 30 June 2003, n. 196 containing "Code regarding the protection of personal data, containing provisions for the adaptation of national law to Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, relating to the protection of natural persons with regard to the processing of personal data, as well as the free circulation of such data and which repeals Directive 95/46/EC (hereinafter the “Code”);

GIVEN Regulation no. 1/2019 concerning internal procedures with external relevance, aimed at carrying out the tasks and exercising the powers delegated to the Guarantor for the protection of personal data, approved with resolution no. 98 of 4 April 2019, published in the Official Gazette. n. 106 of 8 May 2019 and in www.gpdp.it, doc. web no. 9107633 (hereinafter “Guarantor Regulation no. 1/2019”);

Having seen the documentation in the documents;

Having seen the observations made by the general secretary pursuant to art. 15 of the Guarantor's Regulation no. 1/2000 on the organization and functioning of the office of the Guarantor for the protection of personal data, doc. web no. 1098801;

Speaker Dr. Agostino Ghiglia;

PREMISE

1. Introduction.

From press reports we learned that at the Municipality of Trento (hereinafter, the "Municipality"), three systems would form the subject of experimentation, with the support of the Bruno Kessler Foundation (hereinafter, the "Foundation" or "FBK"). of artificial intelligence, called “Marvel”, “Protector” and “Precrisis”, whose development projects would have been financed under European Union research programs, which would involve the collection of information in public places through microphones and cameras video surveillance, in order to detect potential dangerous situations for public safety.

2. The preliminary investigation activity.

With note dated XX, the Authority addressed a request for information to the Municipality, pursuant to art. 157 of the Code, in relation to the processing of personal data carried out as part of the aforementioned projects.

In response to this request for information, the Municipality, with note prot. n. XX of the XX, declared, in particular, that:

“the Municipality […] is a partner in three development projects called MARVEL, PROTECTOR and PRECRISIS, financed under European Union research programmes”;

“[…] thanks to the use of specific artificial intelligence algorithms developed by [the] Foundation […], the personal data recorded via audio and video sources […] are automatically anonymized at the time of collection”;

“the Municipality […] has carried out, with the support of the Personal Data Protection Officer [“RPD”], a specific impact assessment [on data protection] […]”;

“[…]biometric data, in particular technologies aimed at carrying out facial recognition, are not used […]”;

“[…] the systems […] are developed as part of research projects […] [in which] the Municipality […] participates and has participated […] as a use case, making its own expertise available infrastructure […]”.

With specific regard to the "Marvel" project, the Municipality declared, in particular, that:

“as part of the European project MARVEL - Multimodal Extreme Scale Data Analytics for Smart Cities Environments (Grant Agreement - GA n. 957337 - MARVEL dd. 07/22/2020 and subsequent amendments), coordinated by FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS (FORTH ) - EL, the Foundation […] is the partner that provides part of the hardware infrastructure for data processing and audio/video anonymization technologies […]. The end date of the project is scheduled for 12/31/2023”;

“MARVEL is a project that aims to develop a distributed computing framework, composed of computing resources at the “edge” and resources in the “cloud”, with the aim of enabling multimodal perception and intelligence for scene recognition audiovisual, event detection and so-called smart urban security. Through the collection and analysis of data from multimodal audiovisual streaming, the project intends to improve the quality of life and services to citizens within the smart city paradigm, without violating ethical and privacy limits, in a responsible manner for the artificial intelligence ([…] “AI”). This is achieved through the combination and real-time analysis of large-scale distributed multimodal audiovisual data and the support for automated decision making at all levels of the distributed computing framework”;

“as regards the infrastructure, the Foundation [...] - upon indication of the Municipality [...] - provides two workstations in its laboratories. The first workstation accesses the Municipality's cameras [...] through a VPN (Virtual Private Network). The second workstation connects via VPN to the project's computing platform (created as a "cluster" of computing nodes distributed among the project partners), to make the anonymized video streams available";

“in addition, the Foundation […] designed and assembled six devices for recording audio signals via microphones […]. These devices were installed in February 2023 in the Municipality's network [...] and are accessible by the Foundation [...] via the aforementioned VPN. Audio streams are managed in the same way as video streams”;

“as part of the […] MARVEL project, the Foundation […] deals with the acquisition of audio and video data. The video data is provided by 14 IP surveillance cameras of the Municipality [...], 6 of which are used to create the prototype of the project. The Foundation […] has access to non-operational real-time video streams via VPN by means of credentials, in order to securely access […]. The video data is immediately anonymized [...] on the Foundation's workstation [...] which accesses the video stream";

“the audio signals are acquired by a device created and installed as part of the project activities: it is a [so-called “single board computer”] to which 2 MEMS microphones are connected. The device reads audio signals from MEMS microphones, anonymizes them, and makes them available, anonymized only, via an RTSP server. This solution allows you to implement a privacy-by-design component, anonymizing the audio signals directly on the device […]. The methods of accessing anonymized audio data are similar to those of video data";

“the anonymized audio and video streams are forwarded, via the second workstation mentioned above, to the project's calculation platform, making the anonymized streams available to the other project partners”;

“at the request of the Coordinator and in agreement with the Municipality […], the Foundation […] periodically uploads the anonymized audio and video data into the data corpus of the MARVEL project (repository, hosted in the server farm of one of the project partners, in which the data is made available for the development of audio-video analysis algorithms)".

With specific regard to the "Protector" project, the Municipality declared, in particular, that:

“as part of the European project PROTECTOR - PROTECTing places of wORship (Grant Agreement - GA n. 101034216 - PROTECTOR | ISFP-2020-AG-PROTECT, dd. 02/28/2021 and subsequent amendments), coordinated by SAHER (EUROPE) OU - EE, the Foundation […] is Technical Coordinator and Work Package (WP) Leader and, in particular, responsible for the development of the software platform called PROTECTOR Platform. The project lasted 25 months, from 04/01/2021 to 04/30/2023”;

“PROTECTOR is a project that aimed to improve the protection of places of worship at an urban level through the analysis of hate crimes and terrorist threats, as well as the evaluation of security measures and the responses given by the security forces order in such contexts. The project developed a specific security strategy for places of worship. Furthermore, new technological components were developed and tested […] according to the principles of the so-called ethics/privacy-by-design, in selected places of worship in Belgium (Antwerp), Bulgaria (Sofia) and Italy (Trento), in order to improve the analytical capabilities of law enforcement agencies”;

“[…] the PROTECTOR platform is configured as a solution that acquires data from video surveillance cameras and textual data derived from social media, processes them and displays relevant information for law enforcement, in order to identify risks and threats to the safety of places of worship”;

“the platform is made up of various software modules, with different functionalities. The automatic analysis of visual and textual data is carried out through software modules based on AI technologies. Regarding the modules for the analysis of visual data we have:

automatic object detection component: module based on object detection technologies ([…]) for the detection and classification of objects of interest (for example: cars, pedestrians, bicycles). Only the category of objects on the scene is detected and not their specific identity[;]

object movement tracking component: module for detecting the trajectories of objects of interest (or visual tracking), identified thanks to the module described previously. The module is based on open source code […], publicly available[;]

anomaly detection component: module for the detection of anomalous situations in urban areas and for their categorization (for example: situations of crime or deviance). This anomaly detection component uses publicly available libraries such as the CLIP vision language model and trajectory clustering methodologies to identify anomalies in movements. The AI modules described above for video data analysis use datasets publicly available in the literature to train deep learning models, while refinement and evaluation are carried out using the data acquired by the PROTECTOR platform in anonymized form [...]";

"in relation to the modules for the analysis of data on social networks we have:

component for automatic detection of religious hate messages from Twitter and YouTube comments. The objective is to monitor any escalation of hatred (mainly of a religious nature or connected to it) and, therefore, no information relating to user profiles is acquired, but only information relating to the textual content of the posts[;]

component of analysis of emotions detected in religiously themed Twitter posts and YouTube comments. Also in this case, the objective is to carry out monitoring on aggregate data to understand whether online discourse is characterized by unexpected peaks of aggression, anger or other negative emotions on the topic of religion[;]

component for detecting disinformation linked to religious fake news, aimed at monitoring the presence of religious-themed disinformation on Twitter. To automatically identify religiously themed hate messages online, we use both generic datasets and data collected specifically for PROTECTOR, including comments posted on Twitter and YouTube. These comments are anonymized by removing user names and replacing users and URLs present in the text of the posts with USER and URL. The social media analytics components employ Transformer-based language models: dictionary-based approaches and semantic searches to detect hate speech, emotion, geographic locations, and religious misinformation in the aforementioned social media posts."

“as part of the [“Protector”] project […], the Foundation […] is responsible for developing AI technologies for the analysis of video surveillance scenes solely starting from visual data, however the processing of no audio signal”;

“[…] for the 11 static IP surveillance cameras of the Municipality […] involved in the project, the Foundation […] [provides] access to the internal network of the Municipality […] and to the non-operational real-time video stream for by means of specific credentials […]. Once the connection was established, the Foundation [...] acquired a non-operational video stream from each camera involved in the project, reaching its IP address";

“The video data is immediately anonymized by automatically blurring faces and vehicle license plates, thereby removing personal identifiers and ensuring that people cannot be identified […]. The acquired video data passes through the Foundation's systems [...] for the time strictly necessary for anonymization and, subsequently, definitively deleted";

“the anonymized data relating to the images of the Municipality's cameras [...] are saved on the Foundation's servers [...] to be processed by AI algorithms [...]; they are also accessible through the PROTECTOR platform exclusively to members of the Consortium and the European Commission; their circulation outside the project itself is therefore not envisaged";

With specific regard to the “Precrisis” project, the Municipality declared that “[for] PRECRISIS - PRotECting public spaces thRough Integrated Smarter Innovative Security (Grant Agreement - GA n. 101100539 - PRECRISIS | ISF-2022-TF1-AG-PROTECT dd. 17/02/2023), the Foundation [...] is Technical Coordinator and Work package Leader. The project officially started on 05/01/2023 and has an expected duration of 24 months. The same is currently in the activation phase and no AI-based software component has yet been developed [...;] before the concrete activation of this project, all measures will be adopted to make the processing of the necessary personal data compliant with the [Regulation] ”.

The Municipality then, more generally, declared that:

“the processing is carried out exclusively for purposes related to the development of the projects […]”;

“the legal basis for the normal video surveillance activity implemented by the Municipality, through the local police force, can be found […] [in] art. 6, paragraph 1, letter e, [of the Regulation]), in particular pursuant to the provisions of [legislative decree] no. 11/2009, converted into [l.] n. 38/2009, which assigns specific tasks to Municipalities in the field of urban safety by establishing, in art. 6, paragraph 7, that "for the protection of urban security, municipalities may use video surveillance systems in public places or places open to the public";

“video surveillance processing is also attributable to the provisions of Directive 2016/680 and Legislative Decree no. 51/2018, as well as the specific legislation relating to the local police force and/or the so-called decree. “Minniti” [i.e. the legislative decree 20 February 2017, n. 14]”;

“[…] the provisions of Directive 2016/680 and Legislative Decree no. 51/2018 will eventually become applicable when the experimental phase is concluded and the functions developed through the research projects will be made usable in the use of municipally owned video surveillance systems by the local police force. At present, in fact, these functions, being still in the development phase, have not been made available when using these systems; therefore, the aforementioned legal basis is not relevant”;

“[…] the general function of public interest or connected to the exercise of public powers […] can also be traced back to the art. 2 of the Local Authorities Code (regional law 3 May 2018, n. 2 and subsequent amendments), where among the administrative functions of local interest attributed to the municipalities are the cultural, social and economic development of the population, which includes - in general terms - the development of the “Trento Smart city” project, which also includes the projects under examination”;

"since these are research projects, the provisions of Annex A.5 of the [Code] containing the ethical rules for processing for statistical or scientific research purposes were also deemed relevant, in compliance with the art. 89 of the [Regulation]”;

“[…] finally, the conventional agreements signed by the Municipality […] and the Foundation […] are considered relevant for the purposes of participation in the projects (Grant Agreement and Project Consortium Agreement)”;

as regards "the date from which the processing of personal data carried out through each of the aforementioned systems was carried out is identifiable: as regards videos, February 2022; as regards audio, March 2023”;

“[...] at present the projects are still in the experimental phase, as the development of the artificial intelligence algorithms that should implement the functionality of video surveillance systems by identifying and reporting potentially dangerous events has not yet been completed. Furthermore, it is specified that, starting from the date [above] indicated [...], the collection of the audio and video streams necessary for the development of the algorithms does not take place only in controlled environments and with the involvement of people who have given their consent to participate to the project, but also in the urban environment, i.e. through the cameras and microphones installed in some squares and streets of the city";

“[…] the areas of the city in which to place the cameras and microphones were selected as they were deemed […], particularly relevant in relation to the potential occurrence of significant events for the purposes of collecting samples useful for training the algorithms” ;

“[…] the Foundation […] is the technological partner of the Municipality […] in the development of the three research projects […] [and it has] been identified as the only entity external to the Municipality […] responsible for carrying out, through the management of audio and video flows produced by microphones and cameras, the processing of personal data aimed at the development of artificial intelligence algorithms. Based on this approach, the Municipality [...] proceeded to formalize with a union decree the appointment of the Foundation [...] as data controller pursuant to art. 28 of the Regulation […]”;

"no steps were taken to appoint the other project partners as data controllers, as it is envisaged that any communication to them of the data used within the projects will take place exclusively in anonymous form";

“[…] the video devices (cameras) previously already present and in operation in the municipal territory and currently used for the development of the projects only allow video recording and therefore do not acquire nor did they acquire in the past audio data”;

"the audio devices (microphones) currently used for the development of the projects, on the other hand, were not previously already present and in operation in the municipal territory and were installed during the current year [...] starting from the date indicated above";

“the data analyzed are anonymized at the source [...], in proximity to the devices used to collect this information, they are not shared with third parties nor useful for profiling citizens. Situations are controlled by analyzing multimedia information in real time, using machine learning algorithms. More simply, through software and algorithms dedicated to identifying anomalies, which operate by comparing the audio and video received with a set of audio and video tests, previously simulated to instruct the machine to recognize dangerous situations. Once the anomaly has been recognised, the system under development could – potentially – be used to alert local authorities, signaling the type of event to intervene more quickly and more effectively to support citizens. It would be up to the Local Police operator, who monitors the images coming from the cameras, to establish whether it is necessary to intervene or not; it is not the system that determines which actions must be implemented to respond to situations of potential threats. The MARVEL system is not able to analyze or understand conversations, but only to associate audio and video with situations considered dangerous";

“pursuant to articles. 13 and 14 of the Regulation [...], steps have been taken to provide interested parties with information relating to the processing carried out for the development of the projects in the following ways: placement of specific signs with simplified information in correspondence with the places where the microphones and cameras; publication on the municipal website of detailed information on the processing of personal data acquired. For further transparency purposes, citizens were also informed about the development of the projects and their characteristics and implications during a specific press conference held on 8 May 2023, which was followed by the publication on the specific municipal website Press release";

“as part of the […] MARVEL project, audio signals are anonymized directly at the source. The microphones are connected to [a so-called “single board computer”] which detects the segments containing speech and modifies the characteristics of the voice so as to make the speaker no longer recognizable, and then makes the anonymized signals available for further processing. […] Removing voice characteristics uses [a specific] library […]”;

“As part of the European MARVEL and PROTECTOR projects, raw videos are anonymized to remove personally identifiable information and/or characteristics, including people's faces and vehicle license plates. Anonymization is achieved by first detecting faces and license plates on each video frame and then applying Gaussian blur to the detected regions. To detect faces and license plates, the generic object detector […] is used, pre-trained on [a] publicly available dataset […]. The face detector was further refined using the […] benchmark, a publicly available dataset. The license plate detector was further trained using annotated videos captured as part of the MARVEL project.”

In response to a further request for information from the Authority (prot. note n. XX of XX), the Municipality, with prot. note. n. XX of the XX, declared, in particular, that:

the activities under investigation "fall within the scope of European projects - MARVEL, PROTECTOR and PRECRISIS - whose objectives and methods of implementation are the subject of specific "Agreements" signed for each project between the European Commission, the Coordinator and the Partners of project beneficiaries of funding";

“the PROTECTOR project has already ended, the MARVEL project will end at the end of the current year, while the PRECRISIS project began in May 2023 and is scheduled to end in April 2025 […]. To date, no personal data processing activity has been undertaken by the Municipality [...] (nor by the Foundation [...]) in relation to this latest project, as it is still in the planning and context analysis phase" ;

"as regards [...] the participation of the Municipality [...] in the projects, the legal basis of the processing is identified in the legal and statutory provisions (art. 2 regional law no. 2/2018, articles 3 and 7 Statute of the Municipality […]) which include among the administrative functions of local interest attributed to the municipalities the cultural, social and economic development of the population, to which the development of the “Trento Smart city” program (as a strategic project of the Municipality) can certainly be traced back, in which the [aforesaid three] projects include […]”;

“furthermore, also pursuant to the new art. 2 ter paragraph 1 bis of the [Code], the processing of personal data carried out for, and within, such projects were considered necessary for the exercise of such functions and the pursuit of their purposes";

“the provisions of Annex A.5 of the [Code] containing the ethical rules for processing for statistical or scientific research purposes have been recalled, for relevance, in the document “Compliance with the ethical requirements established for the participation of people in European projects - MARVEL (Grant Agreement no. 957337) and PROTECTOR (Grant Agreement no. 101034216)” which describes the measures planned/adopted both by the Municipality […] and by the Foundation […] to regulate the processing of personal data carried out in the context of aforementioned projects, thus not wanting to imply that it is a legal basis specific to the Municipality [...]. [The] Foundation […] participates in the project activities in its capacity as a non-profit research body of public interest […] whose main purpose is to promote, carry out and develop scientific research activities and to disseminate and enhance the results of the same both in the perspective of the advancement of knowledge and of service to the local community (articles 1 and 2 of the Foundation's Statute)”;

“the research staff of the Foundation [...] aligns their research and study activities - also for the [aforesaid three] projects [...] with the ethical principles and rules [...], principles and rules which are attached to the Code of Conduct of the same Foundation”;

“it is confirmed that the anonymization of audio data consists in the replacement of the speaker's voice, maintaining the characteristics of the audio signal as unaltered as possible, including the semantic content of speech. This approach, compared to a complete elimination of conversations from the audio signal, responds to the objective explicitly foreseen in the Grant Agreement signed with the European Commission (description of Task 3.1 of Work Package 3, pages 20-21 of Annex 1 (part A ) of the Grant Agreement) to develop minimally intrusive anonymization techniques that preserve the acoustic context and allow effective processing of signals without loss of information";

“the risk associated with this approach was assessed in the context of the ethical screening activities requested by the European Commission for the MARVEL project and carried out by the Coordinator - Foundation for Research and Technology Hellas (FORTH - EL) and by the partners responsible for the legal, ethical aspects , data protection and AI - Privanova Sas (FR) and Univerzitet u Novom Sadu Fakultet Tehnickih Nauka (UNS - RS) […] The risk was classified as low in Deliverable D9.5. This deliverable will soon be updated - by the Coordinator and the partners mentioned above - in D2.6 and whose submission is expected in December 2023";

“within the MARVEL project, it is important to distinguish two different uses of the audio (and video) tracks, corresponding to two different purposes of the project: the prototype/demonstrator and the data corpus.

The project prototype/demonstrator, accessible exclusively to MARVEL project partners, is not in continuous operation, but is activated for limited time periods linked to specific project activities (research, development, benchmarking, evaluation, etc.). The prototype/demonstrator, in addition to allowing Partners to analyze anonymized audio (and video) signals in real time, makes temporary copies of short anonymized audio (and video) segments associated with relevant events, so as to allow them to be displayed in the intended dashboard. to users (project partners' staff);

the data corpus involves the archiving of anonymized audio (and video) tracks in a storage space accessible to the Partners who have access to the project platform. The data is stored with metadata about the time, date and location of the recording. This data allows "ex-post" analysis. Also in this case these are not continuous recordings, but recordings that cover short periods of time";

"[this] approach [...] is also expressed in the contract for the appointment of the person responsible for processing personal data stipulated between the Municipality [...] and the Foundation [...] and in the analysis document attached to the same, in which the progressive implementation was envisaged by FBK of the following forms of anonymization of audio data: removal of segments containing speech from the data recorded on FBK servers; removal of segments containing speech from data recorded on devices connected to microphones; conversion of the voice of speakers registered on the FBK servers [...]. The final solution created in the project, which involves the conversion of the speakers' voices on the devices connected to the microphones, is an improvement compared to the solutions provided in the aforementioned annex";

“[with regard to] videos [in the context of the] MARVEL and PROTECTOR project […] the risk associated with the approach of anonymizing videos through the blurring of faces and license plates was assessed in the context of the required ethical screening activities by the European Commission for the MARVEL project […] [and] was classified as “low” […]”;

"[this] approach [...] was also expressed in the contract for the appointment of person in charge of personal data processing stipulated between the Municipality [...] and the Foundation [...] and in the analysis document attached to the same, in which it was noted in particular that “for visual data, the most vulnerable content is a person's face, for which it is not difficult to find sample images with related identifier (ID) on the Internet. Clearly, other characteristics could be exploited, such as clothing, a particular haircut, or body morphology; however, these characteristics are not sufficient to uniquely identify a person with respect to facial features. Furthermore, the removal of all visual content relating to a person would significantly deteriorate the performance of other activities of the algorithms for monitoring situations of potential danger or deemed anomalous, some of which could be made unidentifiable" and that "in the event that video data involving cars similar concepts will apply, with license plates filling the role played by faces for the human figure””;

“regarding the Twitter messages and YouTube comments collected as part of the PROTECTOR project, it is clarified that they are processed to extract information relating to hateful content or expressed emotions. Once the analysis is completed, the text of the individual messages/comments is no longer used, is not integrated into the PROTECTOR platform and is therefore not visible or accessible by any user. The analysis proposed on the platform in fact presents aggregate results that can no longer be traced back to messages from individual users. As for the authors of the messages/comments, YouTube users are immediately deleted, while Twitter users are pseudonymized by replacing the real username with an automatically generated random user ID. Reiterating that it was not made accessible for operational activities but only for demonstration purposes to the members of the consortium, in the platform, according to the logic with which it was implemented, the project partners can visualize the network of interactions between users (without any type of information on the content of the messages) by displaying only the randomly generated user IDs; access to this information is only possible via authentication. Only the law enforcement agencies involved in the project (Local Police - IT, Antwerp Police - BE and Ministry of the Interior of Bulgaria - BG), have access to a version of the platform where user networks can be displayed with names actual users (without any information on the type of messages these users exchanged). […] It is also specified that the platform does not analyze a flow of messages in real time, but contains for demonstration purposes the analyzes relating to messages collected over a period of three months (November 2021 - January 2022). The analysis of the risks linked to the use of messages/comments on social networks is presented in Deliverable D4.3. (sections 2.1.1.2 and 2.1.1.4). Details on authentication are reported in Deliverables D4.4. and D4.5”;

“relating to the sharing of anonymized audio and video content within the MARVEL project, the technical activities within the competence of the Foundation […] concern the implementation and operation of a software component (RTSP server) which receives the anonymized flows and makes it available to the components that request it within the project platform. Furthermore, in relation to the data corpus, the Foundation [...] makes the anonymized audio and video data available, accompanied by metadata relating to date, time and place, through a program (Java executable) provided by the Consortium. The anonymous data is made available and accessible to the project partners for their respective activities […]. Regarding the sharing of anonymized video contents within the PROTECTOR project, they are accessible exclusively to the project partners, the European Commission and the project reviewers, through a software demonstrator, part of the PROTECTOR platform. […].

With note dated XX (prot. n. XX), the Office, on the basis of the elements acquired, the checks carried out and the facts that emerged following the preliminary investigation, notified the Municipality, pursuant to art. 166, paragraph 5, of the Code, the initiation of the procedure for the adoption of the measures referred to in the art. 58, par. 2, of the Regulation, for having processed personal data in a manner that does not comply with the principle of "lawfulness, correctness and transparency", in violation of art. 5, par. 1, letter. a) of the Regulation; in the absence of a legal basis, in violation of the articles. 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to provide interested parties with some of the information required by data protection regulations, in violation of 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), and 14 of the Regulation; communicating personal data to third parties, including those relating to crimes and particular categories (religious beliefs), in the absence of a legal basis, in violation of articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to stipulate a data protection agreement with the Foundation (data controller), in violation of art. 28 of the Regulation; failing to draw up a data protection impact assessment compliant with the requirements of data protection legislation, in violation of art. 35 of the Regulation.

With the same note, the aforementioned owner was invited to produce defensive writings or documents to the Guarantor or to request to be heard by the Authority (art. 166, paragraphs 6 and 7, of the Code, as well as art. 18, paragraph 1, of the l. 24 November 1981, n. 689).

With note dated XX (prot. n. XX), the Municipality presented a defense statement, declaring, in particular, that:

“starting from 1 November 2023, the processing of data has been limited, blocking any activity that could lead to its detection or use, with the exception of mere conservation even for defensive purposes”;

“the assessments that guided the Municipality's actions [...] were based on the fact that, in the pursuit of the public good of urban safety, there was a full realization of the principle of lawfulness. Furthermore, as regards the contents of the video and audio recordings, participation in the European Projects started from the assumption that the objectives could be achieved without any processing of personal data, therefore not even data belonging to particular categories or relating to criminal convictions and crimes";

“the video and audio recordings acquired and processed as part of these Projects are intended for the so-called "training" of the software, i.e. to make them effective in the activity of recognizing potential risk situations for the safety of cities";

“[…] the Municipality […] intended to provide a few hours of recordings of public squares in its city, on the assumption that they would be used only after adequate removal of any personal data”;

“without the guarantee that no personal data were used, the municipal administration would never have agreed to make its contribution to these projects. On these assumptions, aware of the risks in the use of video and audio recordings, the Municipality [...] made use of the work and assessments carried out by technical partners with proven competence and experience - in particular the Foundation [...]";

“the participation of the Municipality […] in the mentioned European Projects must be seen precisely in the desire to contribute to completing valuable research and, ultimately (with a view to its full use), to improve the level of safety of the municipal territory and the quality of life of its citizens";

"with reference to the "Marvel" and "Protector" Projects, the DPO of the Municipality [...] in the XX, in dealing with the issue upon express municipal request, communicated with an opinion that "With regard to the verification of the existence of the basis of lawfulness of the processing with reference to research projects, the existence of the same is confirmed with reference to article 6, paragraph 1, letter e) of the Regulation [...]";

"that being said, also taking into consideration the opinions of the DPO, the Municipality [...] deemed the lawfulness of the processing to exist [...] with particular regard to the protection of urban safety [...]";

"it is considered more than evident that the municipal body was in good faith in considering the principle of lawfulness fully implemented in relation to the "legal basis" (Recital no. 41 of the [Regulation]): the multiple national regulations [on the subject of urban security], aimed at pursuing the public good and security (in full coherence with the aims of the Project) were considered a more than adequate legal basis legitimizing the processing";

"this consideration is valid as proof of the fact that any error of law contested [...] [by the Municipality], was substantially inevitable and, therefore, "excusable", in light of a series of positive elements, extraneous to the Municipality [...] ], suitable to generate the belief of lawfulness of the conduct, the Municipality itself having done everything possible to comply with the regulations cited";

"the Municipality [...] considered, in absolute correctness and good faith, that in both cases (images and sounds) no processing was carried out (in the case of the images, further than that in progress for purposes of public safety and order public)":

“[…] the Municipality […] oriented its actions according to an assessment of “probability and severity” [of the risk of identification of the interested parties] […]”;

“for the “Marvel” and “Protector” Projects, video traces of modest quality were acquired from the use of these cameras […] For the “Marvel” Project there are a total of 14 cameras, positioned in a total of locations ( essentially corresponding to some squares in the city), with shots of the same place from different angles; for the "Protector" project, a total of 4 cameras were used, positioned in 4 squares; the resolution of the frames is 1200x1600 pixels, i.e. less than 2 megapixels [...] the video is subject to high image compression, which generates the so-called “artifacts”, i.e. an alteration of details; the cameras are located at a height between 3.5 and 40 meters from the ground; in low light conditions (evening, night and early morning) the cameras work in infrared, so in this situation they only record in black and white and with reduced contrast; since it is often a view from above and at a certain angle, people and objects are portrayed with a perspective distortion that alters their characteristics; video tracks of 1 consecutive minute (for “Marvel”) or 3 consecutive minutes (for “Protector”) were acquired from each camera, with the impossibility of acquiring the previous or subsequent minutes, so that between one track and another of the same camera spends an average of one hour; the tracks were used by the researchers only some time after recording, i.e. not live";

"for the "Marvel" Project, a total of 309 hours of video recording were acquired (corresponding to 13 days), referring to a time span of 20 months (between February 2022 and 1 November 2023, when all activity was blocked); within the “Marvel” project, there were approximately 60 researchers who could access the data;

“for the “Protector” Project, a total of 18 hours of video recording were acquired, relating to a time span of 15 months (between February 2022 and 30 April 2023); of these, only approximately 4 hours are currently stored, as the data was no longer necessary within the Project; within the “Protector” Project, there were approximately 90 researchers who could access the data;

“it can be estimated that each person in the frames is composed of only a small group of pixels, making the graphic representation of physical characteristics extremely limited”;

"these elements, weighed together, led the Municipality [...] to believe - once the further anonymisation of people's faces and vehicle license plates had been carried out (through blurring or alteration) - that it was not actually possible to recognize personal characteristics sufficient to allow the subjects portrayed to be uniquely identified. Therefore, we were convinced that the objective circumstances and technical measures were such as to exclude substantial processing of data relating to identified or identifiable persons";

“as for the so-called “motivated intruder test”, the limited value of the information was also highlighted (since these were shots of modest quality, of short duration and taken in public squares)”;

“furthermore, even looking at the subjective element, there is no motivation or interest (neither on the part of the Data Controller and the Data Processor nor on the part of the researchers who have access to the anonymized data) in the re-identification [of the interested parties, given that] [...] for the institutional purposes of the Projects the personal data have no use";

“the audio recordings were made through microphones connected to a hardware device ([so-called “single board computer”]) installed specifically for the project purposes. The Foundation has installed the anonymization software provided as part of the "Marvel" Project on the device. By express desire and compliance with the project purposes, the microphones used had a reduced capacity to pick up sounds, as only the recording of intense noises (such as those caused by vehicle collisions, an explosion, etc.) was relevant";

“there are a total of 6 microphones, positioned in 3 places (corresponding to some of the city squares where the cameras are already installed); audio tracks of only 1 consecutive minute were acquired from each microphone, with the impossibility of acquiring the previous or subsequent minutes, so that approximately an hour passes between one track and another from the same microphone; overall, 85 hours of recording were acquired (equal to less than 4 days), relating to a time span of 8 months (between March and 1 November 2023, when all activities were blocked), all within the scope of the Project “Marvel”; the tracks were used by the researchers only some time after recording, i.e. not live; furthermore, the microphones were installed at a height between 3.5 and 7 meters from the ground; the intensity of the sounds that could be picked up was reduced by the presence of a protective box (electrical junction box) inside which each microphone was inserted (to protect it from the elements); the audio could be accessed by approximately 60 "Marvel" researchers;

“the Foundation has communicated that on the basis of these calibrations all the audio tracks are composed almost entirely of silence or indistinguishable background noises. Only in rare moments are other sounds perceptible, essentially referring to extraordinarily noisy events that occurred in a place very close to the microphone and always limited in time to approximately 1 minute (mainly the transit of a heavy vehicle, the siren of an emergency vehicle, etc. )”;

"only for the rare eventuality of recording people's voices, anonymization at the source of the segments containing speech was provided, with alteration of the characteristics of the voice so as to make the identity of the speaker no longer recognisable. This alteration activity was carried out directly at the microphone, so as to make already anonymized audio tracks available to researchers";

"all these circumstances had led the Municipality [...] to believe that, in the context of the "Marvel" Project, even for the audio recordings there had been no substantial processing of information concerning identified or identifiable persons";

“[...] again for the audio recordings - considering that the microphones had been installed in compliance with a specific contractual agreement contained in the "Marvel" Project, within which the use that would be made of them was already defined - yes it is believed that the Municipality [...] could not be attributed any special role in defining the purposes and methods of the processing";

as regards the processing of "messages or comments from users of the "Twitter" and "YouTube" web platforms" within the "Protector" project, "the Trentino municipal administration has never participated in any decision regarding this research activity, remaining even unrelated to any actual operational activity inherent thereto. In other words, no processing was ever carried out by the Municipality [...], or in its interest or to its advantage. In fact, this activity was foreseen as part of work package 3 ("WP 3") which did not attribute any concrete operational role to the municipal administration";

"the provision according to which the "usernames" of the authors of messages published on the "Twitter" platform were shared with some public authorities, was foreseen in the interest of other institutional partners (such as the Antwerp Police and the Ministry of the Interior of Bulgaria), but was never requested or desired by the Municipality [...]. In fact, this provision has remained completely unimplemented, as there has never been access to the data by the local Trentino Police Force, nor by other Municipality staff";

"precisely because of this total extraneousness, in the documentation drawn up by the Municipality (impact assessment, information on processing, etc.) no mention was made of processing activities of data taken from the web and, in any case, of data on beliefs religious”;

"in view of what has been illustrated, the Municipality [...] has always considered that, in relation to the data collected on the web, only those who were directly involved in such operations should be considered data controllers";

“with reference to the dispute of the processing of particular categories of data and data relating to criminal convictions and crimes […] the Municipality […] relied on the usual qualification of the images as “common” personal data;

“data relating to observations of events in which the details of a crime can be integrated are not normally considered data processing pursuant to Article 10 of the [Regulation]; however, it is considered such processing if, subsequently, the course of events is separated in order to document, take subsequent measures or report the crime. In the present case, neither the Municipality [...] nor the Foundation processed judicial data, as the recordings were not used for the purpose of isolating or identifying single individuals (or groups of individuals) with the aim of proceeding with subsequent activities by the Authorities public (e.g. investigations, arrests, sanctioning measures). It is underlined, in fact, that each video and audio segment is intended for the sole purpose of "training" the software to recognize dangerous situations";

“[…] this must apply to both video recordings and audio recordings, as the same arguments can be applied”;

“with regard to data relating to religious beliefs, constituting a particular category of data pursuant to art. 9 of the Regulation, what was said above applies [...], having to affirm the Municipality's non-involvement [...] in the processing";

"the Municipality takes note of the considerations made [by] the Authority regarding the possible misunderstanding generated among citizens resulting from the fact that the purpose of the data processing reported in the information placed near the registration systems was not clear, and intends to adapt the information that will be necessary to use for future occurrences";

"the information, and in particular the second level information, was drawn up on the basis of models provided by the DPO of the Municipality [...] and in coherence with the internal municipal directives";

"in the first and second level information the legal basis and the purposes of the processing have been identified and explained in relation to the legal basis of the processing considered relevant (this in particular for the first level information in which reference is made to the protection of urban security); in this regard, it is worth recalling the Municipality's commitment [...] regarding the fact that no further processing was carried out in addition to that already underway (detection of images for purposes of public safety and public order) and, in any case, that no data belonging to particular categories were involved (art. 9 of the [Regulation]) or relating to criminal convictions and crimes (art. 10 of the [Regulation])”;

"the failure to indicate in the information that the equipment was also capable of picking up people's conversations is also justifiable by the fact that, due to the intrinsic characteristics of the recording system (as described above) the actual possibility of hearing relevant semantic contents was to be considered an almost null eventuality";

"as regards the absence of a specific illustration of the processing of personal data concerning the publication of messages on the "Twitter" platform or comments on the "YouTube" platform within the "Protector" Project, reference is made to what is indicated above [in relation to the role played by the Municipality]”;

“the information was set up and carried out in full good faith, giving information and reassurances to citizens, in line with what was said above, on the assumption that the data was anonymized, also thanks to the competence and experience of FBK; from this derives the second level information without reference to the communication of data to third parties";

"in addition to the first and second level information, which was drawn up on the basis of the project agreements (Grant Agreement) and according to the models shared with the DPO, forms of public disclosure of the Projects were promoted including press releases, press releases institutional website of the Municipality, dissemination of information regarding the Projects also via the social networks of the Municipality and the Mayor (including the press conference of 8 May 2023) and presentation videos of the Projects were disseminated on YouTube";

"with reference to the information pursuant to art. 13 of the GDPR [...] the Municipality relied on the opinion of the DPO";

“the drafting of the impact assessment was also started, the drafting of which was completed already on 19 January 2022 (when it was shared for the first time with the DPO, as shown by the exchange of emails [in documents]). The impact assessment was subsequently inserted into the IT application containing the register of processing activities [...] in March 2023, only after having obtained the final opinion of the DPO on the assessment itself ([in documents]). Therefore, it is believed to have documented the fact that the Municipality had carried out the impact assessment before the start of the treatments (February 2022 for the video part, March 2023 for the audio part) and that the assessment itself is attributable to the Body";

“[…] the Data Protection Officer was duly involved. The DPO, after long and careful discussions with the Municipality, had expressed a positive opinion [...]";

“the act of appointment [of the Foundation as data controller] was formalized with a union decree, digitally signed by the Mayor […] on 3 February 2022 […]. The decree was then transmitted to FBK, which returned a copy countersigned on 7 February 2022 by its legal representative for acceptance of the appointment [...]. Due to a mere clerical error, the copy of the document already sent [to the] Authority did not contain the original protocol date, but nevertheless retained the correct dates of affixing the two digital signatures";

“it is specified that the nomination contained an annex […], entitled “Compliance with the ethical requirements established for the participation of people in European projects - MARVEL (Grant Agreement n° 957337) and PROTECTOR (Grant Agreement n° 101034216)”, which , together with the same nomination countersigned for acceptance, constitutes a joint agreement, governing the rules to be followed for data processing, in particular for the anonymization phase. In fact, it is reiterated that this annex was drawn up jointly with the Foundation, which, in particular, also contributed by indicating the specific anonymisation techniques that it deemed appropriate to apply";

“on 1 November 2023, the Municipality [...] immediately contacted the Project Partners in order to make them aware of the observations made [by] the Authority. On this occasion, it was requested that all activities of the "Marvel" Project (the only one currently being tested) involving the acquisition and processing of the recordings in question be immediately suspended;

“this request for suspension was promptly found positively, with the consequent blocking of any data processing activity deriving from the recordings acquired in the public squares of the city of Trento, except for the mere conservation of the data also for defensive purposes”;

"it is confirmed that, as part of the "Protector" project, data has no longer been collected since the beginning of May 2023 and that, in any case also for this Project, all processing activities have been blocked".

During the hearing, requested pursuant to art. 166, paragraph 6, of the Code and held on date XX (see prot. minutes no. XX of the same date), the Municipality declared, in particular, that:

“the Municipality, in the context of the two projects, was one of the partners and not a leader; each partner was in fact called to make their own contribution, each within their own area of competence";

“the Municipality was confident in the fact that the treatments implemented in the two European research projects could be traced back to the legal framework on urban safety and to the specific competences that the same attributes to the Mayor”;

"in this context, the Municipality was interested in equipping itself with technologies aimed at identifying ex ante any risks to urban safety and, to this end, relied on the Foundation, a highly qualified entity, for the purposes of identifying the best technologies to be used in the context of the two European projects and the measures to be implemented in order to guarantee compliance with the right to data protection of the interested parties";

“the two projects, as they were aimed at strengthening urban safety in the municipal area, were instrumental in achieving the public good”;

"the Municipality, also with regard to the anonymization techniques to be used within the two projects, had relied on the Foundation, as a technological partner that could offer the highest guarantees by virtue of its specialist knowledge, without this having entailed a deresponsibility of the Municipality, which spoke with the Foundation in order to identify the most appropriate measures";

"as regards the transparency of processing, we have tried to implement all initiatives to ensure full awareness on the part of citizens";

"with regard to the impact assessment, there is no model predefined by law to carry it out, the Municipality having believed in good faith that the methodology used was suitable".

With subsequent notes from the Municipality (prot. n. XX) and from the RPD of the same, sent on XX date to integrate what was declared at the hearing, the defenses put forward by the Institution and already illustrated above were substantially reiterated.

3. Outcome of the preliminary investigation.

3.1 Processing of personal data carried out within the “Marvel” and “Protector” projects.

From the statements made by the Municipality during the investigation, as well as from the overall documentation in the documents, it emerged that the Municipality, acting as data controller, with the support of the Foundation, as data controller, participated in two research projects , called "Marvel" and "Protector", financed with European funds, with the aim of developing technological solutions aimed at improving safety in urban areas, according to the so-called paradigm. “smart cities”.

In particular and in summary:

the “Marvel” project (“Multimodal Extreme Scale Data Analytics for Smart Cities Environments”), which should have ended on 31 December 2023, involves the acquisition of footage extracted from video surveillance cameras already installed in the municipal area for urban security purposes (see articles 4 and 5, co. 2, letter a), of the legislative decree 20 February 2017, n. 14; see art. 7, paragraphs 7 and 8, of the legislative decree. 23 February 2009, n. 11), as well as the audio obtained from microphones specifically placed on the public road for the purposes of the project. Such data, which in the opinion of the Municipality would be immediately anonymized after collection, are analyzed in order to automatically detect, using artificial intelligence techniques, events relevant to the protection of public safety (e.g. gatherings, assaults, muggings, fights , etc.). As part of this project, the Municipality used a total of 14 cameras; Video tracks of 1 consecutive minute were acquired from each camera with an average interval of 1 hour between one track and the next. A total of 309 hours of video recording were acquired (corresponding to 13 days), relating to a time span of 20 months (between February 2022 and 1 November 2023). As for audio acquisition, a total of 6 microphones have been installed, positioned in 3 places in the cities where cameras are already installed. Audio tracks of just 1 consecutive minute were acquired from each microphone, with intervals of approximately one hour between one track and another. Overall, 85 hours of recording were acquired, relating to a time span of 8 months (between March and 1 November 2023);

the “Protector” project (“PROTECTing places of wORship”), which ended on 30 April 2023, involved, in addition to the acquisition of footage from video surveillance cameras (without audio signal), also the collection and analysis, through aforementioned artificial intelligence techniques, of hate messages published on the "Twitter" platform (now called "X") and comments published on the "YouTube" platform, in order to detect any negative emotions (aggression, anger or other negative emotions on the topic of religion), processing, through the aforementioned artificial intelligence techniques, information deemed of interest to the police, in order to identify risks and threats to the safety of places of worship. As part of this project, the Municipality used a total of 4 cameras, positioned in 4 squares; Video tracks of 3 consecutive minutes were acquired from each camera with an average interval of 1 hour between one track and the next. A total of 18 hours of video recording were acquired, relating to a time span of 15 months (between February 2022 and 30 April 2023); of these currently only about 4 hours are preserved.

Given that the urban security cameras and microphones placed on public streets have been used with the specific objective of identifying and analyzing facts relevant to the protection of public safety, which can therefore constitute crimes, and considering that users who post messages /hateful comments on the Twitter ("X") and YouTube platforms, analyzed in order to detect threats to the safety of places of worship, can commit specific crimes (see, for example, art. 604-bis of the criminal code in matter of propaganda and incitement to crime for reasons of racial, ethnic and religious discrimination), the Municipality, as part of the two projects, has implemented the processing of personal data relating to crimes (see art. 10 of the Regulation and 2- octies of the Code).

However, the Municipality's defense argument cannot be accepted, according to which the video surveillance images cannot in themselves be considered personal data relating to crimes, unless the same, once acquired, are subsequently actually used to ascertain a type of crime. As highlighted above, the video surveillance images were, in fact, acquired by cameras already installed in the municipal territory for the protection of urban security, or for the specific purpose of "preventing and combating the phenomena of widespread and predatory crime" (art. 5 , paragraph 2, letter a), of the legislative decree 20 February 2017, n. 14). In this regard, even in relation to the particular categories of personal data of the art. 9 of the Regulation, the European Data Protection Committee clarified that "video surveillance is not always considered a processing of particular categories of personal data [...];] however, if the video footage is processed to obtain particular categories of data , Article 9 applies” (“Guidelines 07/2020 on the concepts of controller and processor under the GDPR”, adopted on 7 July 2021, points 62 and 63). Likewise, the video surveillance cameras in question were installed by the Municipality for the main purpose of identifying and documenting cases of crime connected to the phenomena of widespread and predatory crime, and also as part of the "Marvel" and "Protector" projects the images were used for the specific purpose of training artificial intelligence algorithms to recognize potential risk situations for public safety.

Furthermore, given that the aforementioned messages/comments acquired from social networks concern the religious sphere and may reveal the religious beliefs of the relative authors or third parties mentioned in said messages, the Municipality has also implemented the processing of personal data belonging to categories particulars (see art. 9 of the Regulation and 2-sexies of the Code).

As regards the "Precrisis" project, however, it is noted that the Municipality has declared that no processing of personal data is currently being carried out, "as it is still in the planning and context analysis phase".

3.2 The role of the Municipality and the Foundation for the purposes of data protection legislation.

In the context of the aforementioned projects, the Municipality claimed to act as data controller, while the Foundation would have played the role of data controller, having been designated as such by the Municipality.

In this regard, it is noted that, although the Foundation is also among the partners of the projects in question, in the agreements stipulated for the use of community funds (so-called "grant agreements") the Municipality is identified as the leading and coordinating entity for the purposes of managing of experiments in its territory, while the Foundation is considered a support partner, able to offer skills and technologies that the Municipality does not have (see the "Grant Agreement" of the "Marvel" project, attached to the Municipality's note of 18 October u.s., cit., where it is stated that "the Municipality [...] will be the leader of the Trento use case, focused on the monitoring of public urban areas. It will conduct the pilot activities by guiding the WP6 [Real-life social experiments in environment of smart cities]” (page 98), while “FBK will offer its current solutions and research into new techniques in the field of Smart Cities […] [and] will contribute […] significantly to WP6 [Social experiments of real life in the smart cities environment] by participating […] in […] experimentation activities” (p. 86); regarding the “Protector” project, see the relevant "Grant Agreement", attached to the same note, which states that "[the Foundation] will define the criteria for the pilot tests and develop an evaluation matrix [...] The first pilot test will be conducted in Trento, Italy and will be coordinated [ by the Municipality]” (page 18)).

On the other hand, the Municipality itself declared during the investigation that "the Foundation [...] is the partner that provides part of the hardware infrastructure for data processing and audio/video anonymization technologies", which "on indication of the Municipality [...] - provides two workstations in its laboratories", which "deals with the acquisition of audio and video data", which is "responsible for the development of the software platform called PROTECTOR Platform", therefore being "partner technology of the Municipality [...] in the development of the three research projects [...] identified as the only entity external to the Municipality [...] responsible for carrying out, through the management of the audio and video flows produced by the microphones and cameras, the processing of personal data aimed at the development of artificial intelligence algorithms" (note of the XX).

It is also noted that, as declared by the Municipality and as illustrated above, the video footage in question is obtained from video surveillance cameras which are already installed in the municipal territory for the pursuit of urban security purposes, with respect to which the Municipality, and not also the Foundation, acts as data controller. Also in relation to the microphones used to capture the audio signal as part of the "Marvel" project, it is noted that only the Municipality, and not the Foundation, could take the decision to install such devices on public roads, as a local authority with administrative powers over its territory.

Therefore, the Municipality exercised a "decisive influence on the [essential] purposes and means of the processing" ("Guidelines 07/2020 on the concepts of data controller and data processor pursuant to the GDPR", cit., point 30), having, therefore, acted as "data controller" (art. 4, par. 1, no. 7, of the Regulation).

However, it is not relevant, except for the purposes of evaluating the subjective element, that the Municipality believed in good faith - also on the basis of the technical advice that was provided to it in this regard by the Foundation - that participation in the two projects would not have entailed a processing of personal data, a defense which, moreover, conflicts with the circumstance that the Municipality has qualified itself as data controller from the beginning, has designated the Foundation as data controller and also in its defense briefs has supported the existence of a basis legal basis suitable to justify the processing of personal data carried out in the context of the two projects.

As regards the processing of personal data contained in the messages or comments of users of the "Twitter" ("X") and "YouTube" platforms as part of the "Protector" project, it is noted that the Municipality has denied its ownership of such processing only in the defense briefs - presented after notification of the violation referred to in the art. 166, paragraph 5, of the Code - having, however, during the investigation supported its full participation in the "Protector" project, so much so that - in response to requests for information from this Authority - it illustrated the specific processing of personal data put in place within the scope of the same.

In any case, the Municipality's defense cannot be accepted, as it is not conclusive that the Institution has not directly implemented specific processing activities in this area. In fact, by deciding to participate in the "Protector" project, making its territory and infrastructure available for the purposes of the same and benefiting from the overall results of the research, the Municipality has decided the purposes and means of the processing also with regard to the information obtained from the aforementioned social networks. On the other hand, the Municipality was fully aware of the processing in question (see the page of the Municipality's institutional website dedicated to the Protector project, which states that "in PROTECTOR a set of advanced technological components capable of analyzing sources heterogeneous data (surveillance cameras, websites, social networks, etc.) and will combine them through the support of ICT tools based on artificial intelligence techniques to provide "alerts" in the event of an increase in risk relating to the security of places of worship ” - https://www.comune.trento.it/Aree-tematiche/Smart-city/Progetti-d-associazione-conclusi/Protector) and the local police of the municipality had been identified from the beginning as the experimental subject together with the Antwerp Police and the Bulgarian Ministry of the Interior, each for their respective national context and for their own territorial area of reference.

Furthermore, the Municipality's statement according to which "this activity was foreseen as part of work package 3 ("WP 3") which did not attribute any concrete operational role to the Municipal Administration" is not confirmed in the documents (see defensive memory). From the c.d. "Grant Agreement" relating to the "Protector" project, in the documents, it emerges, in fact, that among the subjects involved in this work package are included "FBK" (i.e. the Foundation) and "TN" (i.e. the Municipality) (p. 68; see also page 101).

More generally, the "Grant Agreement" mentions "TN" (i.e. the Municipality) among the subjects responsible for the "management and coordination of all activities relating to the "Protector" project", required to provide "supervision over all project activities and the results." Furthermore, the Municipality is responsible for the execution of the project on its territory and for the coordination of the first "pilot test" relating to the "Protector" project (page 33; see also page 106).

For the same reasons, it does not note that "the provision according to which the "usernames" of the authors of messages published on the "Twitter" platform were shared with some public authorities had been foreseen in the interest of other institutional partners (such as the Police of Antwerp and the Ministry of the Interior of Bulgaria), but was never requested or desired by the Municipality" (see defense brief), having the Municipality consciously participated in the project in the terms set out in the "Grant Agreement" and having, therefore, also accepted - beyond its own internal desires - the scope of data sharing envisaged therein (see the note of the XX, in which the Municipality declares that "only the law enforcement agencies involved in the project (Local Police - IT, Antwerp Police - BE and Ministry of the Interior of Bulgaria - BG), have access to a version of the platform where user networks can be viewed with actual user names (without any information on the type of messages these users have sent exchanged)”.

Furthermore, the fact that the local police of the Municipality never actually accessed such data is not conclusive, given that ownership of the processing does not necessarily presuppose the availability of the data or the completion of material processing operations. The Court of Justice of the European Union has, in fact, on several occasions clarified that any natural or legal person who influences, for its own purposes, the processing of such data and therefore participates in determining the purposes and means of such processing can be considered the owner of said processing, as it is not necessary that the purposes and means of the processing are determined through written guidelines or instructions from the data controller, nor that the latter has been formally designated as such, nor that he has physically carried out operations of treatment (see, most recently, sentence C-683/21, Nacionalinis visuomenės sveikatos centras, of 5 December 2023; see also C-807/21, Deutsche Wohnen, of 5 December 2023; C-40/17, Fashion ID GmbH & Co.KG v Verbraucherzentrale NRW eV, of 29 July 2019; C-25/17, Jehovan todistajat, of 10 July 2018; C-210/16, Wirtschaftsakademie Schleswig-Holstein, of 5 June 2018; see also the “Guidelines 07/2020 on the concepts of data controller and data processor pursuant to the GDPR”, cit., spec. par. 56).

On the other hand, the responsibility of the data controller "extends, as underlined by recital 74 of the [Regulation], to any processing of personal data carried out directly or that others have carried out on their behalf" (C-807/21, cit ., point 38). Since, a data controller is responsible not only for the processing of personal data that he carries out directly, but also for those carried out on his behalf, “such data controller may be subject to a pecuniary administrative sanction pursuant to Article 83 of the GDPR in a situation in which personal data are the subject of unlawful processing and it is not such a data controller, but rather a data controller, of which it has made use, who has carried out such processing on behalf of the owner", where it can be "reasonably believed that this owner has [...] consented to the processing" (sentence C-683/21, cit., points 84 and 85).

As for the Foundation, which assumed a servient position with respect to the achievement of the objectives of the two projects, providing its contribution limited to the scientific, technological and organizational profiles, it is believed that it has, instead, acted as "data controller" (art. 4, par. 1, n. 8, of the Regulation). Furthermore, it was considered as such by the Municipality itself, which for this purpose prepared a specific agreement on data protection, pursuant to art. 28 of the Regulation.

3.3 The anonymization techniques used.

Preliminarily, it is noted that it is not controversial that the Municipality, in the context of the two research projects, has implemented the processing of personal data in the phase of collecting information deemed of interest (video surveillance footage; audio coming from the microphones; messages/comments/profiles obtained from social networks).

The Municipality, in fact, claimed during the investigation that it had used - following the collection of this data - anonymisation techniques aimed at mitigating the impact of the two projects on the fundamental rights and freedoms of the interested parties.

On the other hand, as recently reiterated by the Guarantor, even the acquisition and temporary storage of personal data, such as the image of the face taken by video devices, even if for a reduced fraction of time, constitutes processing of personal data (see . provisions of 13 April 2023, nos. 122 and 123, web document nos. 9896808 and 9896412, relating to the processing, carried out by public entities, in the absence of a suitable legal basis, of personal data contained in videos obtained using devices video, as part of a project that involved the use of face detection algorithms based on convolutional neural networks; see also, in a compliant sense, the previous provision dated 21 December 2017, no. 551, web doc. no. 7496252).

Furthermore, on the assumption that the data - after having been subjected to these anonymisation techniques - could be considered removed from the scope of application of the legislation on data protection (see paragraph 26 of the Regulation), the Municipality shared the same with third parties participating in various capacities in the projects (see the following paragraph 3.6).

Having said this, it is noted that, contrary to what is claimed by the Municipality, the techniques it uses, following the collection of the data, cannot be considered suitable for achieving effective anonymisation of the same.

In particular, as part of the Marvel project, on the assumption that the microphones installed on public streets can also pick up conversations, the Municipality stated that "the anonymisation of audio data consists in replacing the speaker's voice, keeping the characteristics of the audio signal, including the semantic content of speech”.

In this regard, it is noted that the sole replacement of the voice of the speaking subject is in no way suitable for anonymizing the personal data related to a conversation, given that from the content of the same it is possible to obtain information relating both to the speaking subject and to third parties and that this information can make the speaker, his interlocutors or the third parties referred to in the speech identifiable.

In addition to this, it must be noted that, taking into account the wide variety of topics that are usually addressed in conversations, processing of personal data relating to crimes or particular categories or in any case concerning vulnerable subjects (minors, workers, fragile, etc.).

The fact that the Municipality was aware of this risk also emerges from the fact that the Data Protection Officer, consulted by the Municipality with reference to the projects in question, had highlighted, albeit providing an overall positive opinion, that " the use of audio microphones that record the voices and conversations of citizens in a way that allows their identification undoubtedly constitutes a particularly invasive way of using the video surveillance system" (see XX report), which "the impact on citizens with respect to the recording of voices and conversations will in any case be "perceived" in a significant way" (ibidem) and that "the "audio" collection of personal data represents a particularly "critical" element with respect to the invasiveness of confidentiality of citizens" (see XX report).

Coming to the defense theses put forward by the Municipality, it must be noted that only in its briefs - presented after notification of the violation pursuant to art. 166, paragraph 5, of the Code, and not even during the investigation, despite the timely requests for information made by the Authority's Office - the Municipality alluded to a limited capacity of the microphones in question to pick up conversations, in region of specific technical characteristics of the devices (relevance of only intense noises; placement of the microphones in a "protective box" which reduced the "intensity of the sounds that can be picked up") and of the measures adopted (installation of the microphones at a height "between 3 .5 and 7 meters high"), so much so that the Foundation has "communicated that on the basis of these calibrations all the audio tracks are composed almost entirely of silence or indistinguishable background noises". In this regard, it must be noted that the Municipality has not produced documentation capable of proving this circumstance. The alleged inadequacy of the microphones to pick up conversations in an understandable manner is not, on the other hand, consistent with the very purpose of the project, in relation to which the Municipality benefited from funding. The "Marvel" project specifically envisaged the collection of audio from conversations taking place in public streets. So much so that in the document “Compliance with the ethical requirements established for the participation of people in European projects - MARVEL (Grant Agreement n° 957337) and PROTECTOR (Grant Agreement n° 101034216)”, attached to the data protection agreement with the Foundation ( in documents), the organization had taken care to specify that "the conversations contained in the audio data cannot in any way be the subject of analysis, guaranteeing the privacy of citizens". In fact, the documentation relating to the project explained that "this approach [i.e. the replacement of the speaker's voice, keeping the characteristics of the audio signal as unchanged as possible, including the semantic content of speech], compared to a complete elimination of conversations from the audio signal , responds to the objective explicitly set out in the Grant Agreement [...] (description of Task 3.1 of Work Package 3, pages 20-21 of Annex 1 (part A) of the Grant Agreement) of developing minimally intrusive anonymization techniques that preserve the acoustic context and allow effective processing of signals without loss of information” (note of the XX; see also the document “D2.1 Collection and analysis of experimental data”, pages 57-58, in https://www.marvel -project.eu/deliverables/, which states that “audio anonymization aims to remove any information about the speaker's identity from an audio stream [...] However, speech conversion does not remove the spoken content of the utterance, which may potentially contain identifying information (e.g. names/addresses/etc.) and as such may not be the appropriate technique”; v. also the document “D3.3 E2F2C Privacy preservation mechanisms”, pages. 26-27, in https://www.marvel-project.eu/deliverables/, where it is stated that “the final objective of audio anonymization [is to preserve] the content of speech [and to remove] the identity of the speaker)".

As regards the video files used as part of the "Marvel" and "Protector" projects, the Municipality stated that the anonymization technique used consists solely in blurring the faces of the people and the license plates of the vehicles filmed. Even in this case, this technique cannot be considered suitable to ensure the effective anonymization of the data, given that the interested parties are still potentially identifiable through other physical characteristics or context elements (such as, for example, body size, clothing, position in the filmed scene , particular physical characteristics, etc.) or information held by third parties (such as, for example, press reports relating to current events, information provided by people present in the filmed scene, etc.) or information that can be inferred, for example, from the location of the camera (areas overlooking certain businesses, doctors' offices or schools) or, finally, information relating to the route taken by a specific person identified in the video images through the aforementioned physical characteristics and contextual elements, given the possibility of following his movements between the different cameras installed.

As with audio recordings, only in the defense briefs - presented after notification of the violation pursuant to art. 166, paragraph 5, of the Code, and not even during the investigation, despite the timely requests for information addressed by the Authority's Office - the Municipality alluded to the circumstance that - in consideration of the technical characteristics of the devices used (" resolution […] of 1200x1600 pixels”; “high image compression, which generates […] an alteration of details”; infrared mode in low light conditions, resulting in “black and white and reduced contrast” operation) and of the measures adopted (cameras at "a height between 3.5 and 40 meters from the ground"; viewing angle "from above", with consequent "perspective distortion") - it was not "practically possible to recognize sufficient personal characteristics to allow the subjects portrayed to be uniquely identified". Also in this regard, it must be noted that the Municipality has not produced documentation capable of proving this circumstance. The alleged insufficient quality of the video footage is not, on the other hand, consistent with the very purpose of the project, in relation to which the Municipality benefited from funding. The Entity's defense is further inconsistent, given that the video devices used in the two projects coincide with the cameras already installed by the Municipality for urban security purposes, i.e. for the "prevention and contrast of widespread and predatory crime phenomena ” (art. 5, paragraph 2, letter a), of the legislative decree. 20 February 2017, n. 14), therefore having to exclude that the video surveillance footage was not suitable - in terms of quality and level of detail - to allow identification of the interested parties, also on the basis of contextual elements. On the other hand, obtaining images with low resolution, such as not to allow the observer to distinguish specific elements of the scenes filmed, would certainly have compromised the very aims of the project and the possibility of training the artificial intelligence algorithms to recognize situations of potential risk for public safety (see, in this regard, the declarations of the Municipality, made in the note of the XX, regarding the technical characteristics of the platform relating to the "Protector" project, i.e. that it has a "component of automatic object detection", of an "object movement tracking component", of an "anomaly detection component", functions that the Municipality would not have been able to exploit in any way within the project in the face of a signal video of such degraded quality as to prevent not only the identification of people but also the understanding of the contextual elements of the scene being filmed).

Having clarified this, it must be noted that the inadequacy of the aforementioned techniques to guarantee full anonymisation of the data was well known to the Municipality, taking into account that, as stated during the investigation, in the documentation drawn up for the purposes of ethical and data protection assessments within the two projects the risk of identification of the interested parties was highlighted, although erroneously classified as "low". Furthermore, as regards the videos, in the act of designation of the Foundation as data controller, drawn up by the Municipality, it is stated that, for the purposes of identifying the interested parties, whose faces are subjected to blurring, "clearly, other characteristics, such as clothing, a particular haircut, or body morphology", although these characteristics were erroneously not deemed "sufficient to uniquely identify a person with respect to facial features".

In this regard, it must be noted that by "identification", "we do not mean only the possibility of recovering the name and/or address of a person, but also the potential identifiability through identification, correlation and deduction" (Working Group Art. 29, "Opinion 05/2014 on anonymisation techniques", WP216; see also provisions dated 18 July 2023, no. 311, web doc. no. 9920562; 2 March 2023, no. 65, web doc. no. 9874480; 25 February 2021, no. 68, web doc. no. 9567429; 2 July 2020, no. 118 and 119, web doc. no. 9440042 and no. 9440025).

Furthermore, in the case of conversations, the interested parties can be directly identified when explicit reference is made to a specific person in the conversation, for example by mentioning their name and surname.

With reference to the processing, within the "Protector" project, of messages published on the "Twitter" platform (now called "X") and comments published on the "YouTube" platform, in order to extract information relating to hate content or to the emotions expressed, the Municipality stated that the content of such messages, once analyzed, was deleted.

The data relating to the users of "YouTube" (usernames), authors of the aforementioned comments, were also immediately deleted, while the data relating to the users of "Twitter" ("X") (usernames) were only pseudonymised, being Each real username has been replaced with a randomly and automatically generated “ID”. Therefore, with reference to the networks of users on "Twitter" ("X"), involved in the publication of hate messages, the Municipality carried out a mere pseudonymisation and not anonymisation.

In this regard, it must be highlighted that the regulations on the protection of personal data also apply with regard to data subject to pseudonymisation, meaning by this "the processing of personal data in such a way that the personal data can no longer be attributed to a specific interested party without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures intended to ensure that such personal data is not attributed to an identified or identifiable natural person" (cons. 26 and art. 4 point 5 of the Regulation). This means that the use of "additional information" can lead to the identification of individuals, which is why pseudonymised personal data should still be considered personal data. In other words, pseudonymisation, as a technique aimed at data protection, is not equivalent to anonymisation (see paragraph 26 of the Regulation and art. 32, par. 1, letter a), of the Regulation, where mentions "pseudonymisation" among the possible technical measures aimed at guaranteeing a level of security appropriate to the risk; see provision 27 January 2021, n. 34, doc. web no. 9549165). Therefore, as recently reiterated by the Court of Justice of the European Union, "it follows from Article 4, point 5, of the [Regulation], in conjunction with recital 26 of that regulation, that personal data which have only been the subject of pseudonymisation and which could be attributed to a natural person through the use of additional information must be considered information about an identifiable natural person, to which the principles relating to data protection apply" (sentence C-683/21, Nacionalinis visuomenės sveikatos centras, 5 December 2023).

Anonymous data, however, is anonymous only if it does not allow in any way the direct or indirect identification of a person, taking into account all the means (economic, information, technological resources, skills, time) available to the person (owner or other person) try to use these tools to identify an interested party.

Furthermore, the police forces involved in the project (Local Police of the Municipality of Trento; Antwerp Police; Ministry of the Interior of Bulgaria) had access to a version of the platform in which the networks of users on Twitter ("X") could be displayed with the usernames shown in plain text, albeit without any information on the type of messages that these users have exchanged (see next paragraph 3.6).

In light of all the preceding considerations, it must be concluded that - differently from what was proposed by the Municipality and despite the measures adopted by it, through the Foundation, in order to reduce the risk of identification of the interested parties - the video recordings, the files audio files containing conversations and information relating to user networks on the "Twitter" platform ("X"), subjected to pseudonymisation, must be considered information relating to identifiable natural persons, who, consequently, constitute "personal data" (art. 4, par. 1, n. 1), of the Regulation), the processing of which, for the entire life cycle of the data in the context of the two projects, should have respected the data protection principles (articles 5 and 25 of the Regulation ) and be based on a suitable legal basis that could justify the same (articles 6, 9 and 10 of the Regulation; articles 2-ter, 2-sexies and 2-opties of the Code).

3.4 The lawfulness and correctness of the processing.

The processing of personal data must take place in compliance with the provisions of the Regulation and the Code.

“Personal data” means “any information relating to an identified or identifiable natural person (“data subject”)”. Furthermore, “an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more elements characteristic of his physical, physiological, genetic, psychological, economic, cultural or social identity” (art. 4, par. 1, n. 1 of the Regulation).

The processing of data belonging to particular categories, including data relating to religious beliefs (see art. 9, par. 1, of the Regulation), is generally prohibited, without prejudice to the exceptions expressly provided for by the art. 9, par. 2, of the Regulation.

In this framework, public entities, in compliance with the principle of "lawfulness, correctness and transparency" (art. 5, par. 1, letter a), of the Regulation), can process personal data, also relating to particular categories of data (see art. 9, par. 1, of the Regulation), if the processing is necessary to fulfill a legal obligation to which the data controller is subject or for the execution of a task of public interest or connected to the exercise of public powers vested in the data controller (art. 6, par. 1, letters c) and e), as well as art. 9, par. 2, letter. g), of the Regulation and 2-ter and 2-sexies of the Code).

With specific regard to the processing of data relating to criminal convictions and crimes or related security measures, it is highlighted that this can only take place under the control of the public authority or if the processing is authorized by the law of the Union or of the Member States which provides appropriate guarantees for the rights and freedoms of the interested parties (art. 10 of the Regulation), or only if the processing is authorized by a law or, in the cases provided for by law, a regulation (art. 2-octies, paragraphs 1 and 5, of the Code).

In relation to the processing of personal data carried out for the pursuit of scientific research purposes, art. 89 of the Regulation, pursuant to which "processing for archiving purposes in the public interest, scientific or historical research or statistical purposes is subject to adequate guarantees for the rights and freedoms of the interested party, in accordance with this regulation. These guarantees ensure that technical and organizational measures have been put in place, in particular in order to guarantee compliance with the principle of data minimization", according to which personal data must be "adequate, relevant and limited to what is necessary with respect to the purposes for which are processed" (art. 5, par. 1, letter c), of the Regulation).

With regards to scientific research activities which have as their object the particular categories of data referred to in art. 9 of the Regulation, par. 2, letter. j), of the same article admits that such data may be processed for scientific research purposes on the basis of Union or national law, which is proportionate to the purpose pursued, respects the essence of the right to data protection and provides for appropriate and specific to protect the fundamental rights and interests of the interested party, in compliance with the aforementioned art. 89, par. 1, of the Regulation.

The processing of personal data for scientific research purposes must, in any case, be carried out in compliance with the provisions of the Code (104 et seq.), the Provisions relating to the processing of personal data carried out for scientific research purposes (annex 5 to provision of 5 June 2019, no. 146, web doc. no. 9124510), as well as the ethical rules for processing for statistical or scientific research purposes (annex A5 to the Code), which constitute an essential condition for the lawfulness and correctness of the processing carried out for this purpose (see articles 2-quater and 106 of the Code and 21, paragraph 5, of Legislative Decree no. 101 of 10 August 2018).

Having thus briefly reconstructed the relevant legal framework regarding data protection, it is highlighted that the Municipality claimed during the investigation to have used the aforementioned anonymisation techniques in order to mitigate the impact of the two projects on fundamental rights and freedoms of the interested parties, as it is therefore not in dispute that the Municipality collected and processed personal data as part of the two projects.

With regard to the conditions of lawfulness of the processing of personal data in the context of the "Marvel" and "Protector" projects, the Municipality stated that "the legal basis of the processing is identified in the legal and statutory provisions (art. 2 regional law n. 2/2018, articles 3 and 7 Statute of the Municipality [...]) which include among the administrative functions of local interest attributed to the municipalities the cultural, social and economic development of the population, to which the development of the "Trento" program can certainly be traced back Smart city” (as a strategic project of the Municipality), which includes the [aforesaid three] projects […]”.

The aforementioned provisions, which attribute to the Municipality a completely generic and merely programmatic competence for the purposes of promoting the cultural, social and economic development of the population, cannot be considered suitable to satisfy the quality requirements of the legal basis for the purposes of the articles. 5, par. 1, letter. a), 6, par. 1, letter. e), and par. 2 and 3, and 9, par. 2, letter. g), of the Regulation (see also cons. 41), as well as 2-ter, 2-sexies and 2-octies of the Code.

As, in fact, stated by the Court of Justice of the European Union, pursuant to art. 52, par. 1, first sentence, of the Charter of Fundamental Rights of the European Union ("CDFEU"), any limitations on the exercise of the rights and freedoms recognized by the latter, which include, in particular, the right to respect for private life, guaranteed from the art. 7 of the Charter, and the right to protection of personal data, enshrined in art. 8 of the Charter, must be provided for by law, which implies, in particular, that the legal basis which allows the interference with such rights must itself define the scope of the limitation of the exercise of the right in question. In particular, "to satisfy the proportionality requirement, which finds expression in Article 5, paragraph 1, letter c) of the regulation [...] the legislation on which the processing is based must provide clear and precise rules governing the scope and the application of the [envisaged] measure and impose minimum requirements so that the persons whose personal data are affected have sufficient guarantees to effectively protect [the] data against the risk of abuse. Such legislation must be legally binding within the national legal system and, in particular, indicate in which circumstances and under what conditions a measure involving the processing of such data can be adopted, thus ensuring that the interference is limited to what is strictly necessary. ” (sent. C-175/20, Valsts ieņēmumu dienests, 24 February 2022, par. 83).

In this regard, the Court also stated that the legislation containing a measure which allows such an interference must provide clear and precise rules governing the scope and application of the measure in question and establishing minimum requirements, so that the persons whose personal data have been processed have sufficient guarantees to effectively protect such data against the risks of abuse (see C-175/20, cit., para. 55; see art. 6, par. 3, of the Regulation, as well as paragraph 45 of the same; with regard to cases addressed by the Guarantor in the public sector in relation to the issue of the legal basis and the conditions of lawfulness for the processing of personal data using artificial intelligence systems or, more generally, of new technologies based on algorithmic logic, see, among others, provisions of 13 April 2023, nos. 122 and 123, web doc. nos. 9896808 and 9896412; 30 July 2022, no. 276, web doc. no. 9808839; 24 February 2022, no. 78, web doc. no. 9751895; 22 December 2021, n. 453, doc. web no. 9738520; 16 September 2021, n. 317, doc. web no. 9703988).

Furthermore, any limitations to the fundamental rights to respect for private life and protection of personal data (and Articles 7 and 8 of the CDFEU) "may [...] be made, [as well as] provided that, in accordance with Article 52, paragraph 1 of the Charter, they are provided for by law" and "respect the essential content of fundamental rights as well as the principle of proportionality. By virtue of this principle, limitations may be made only where they are necessary and effectively respond to objectives of general interest recognized by the Union or to the need to protect the rights and freedoms of others. They must operate within the limits of what is strictly necessary and the legislation entailing the interference must provide clear and precise rules governing the scope and application of the measure in question” (C-184/20, Vyriausioji tarnybinės etikos komisija, 1 August 2022, par. 64).

Similarly, the European Court of Human Rights has reiterated on several occasions that “an interference [with the right to respect for private and family life] may be justified under Article 8, paragraph 2 [of the European Convention on Human Rights] man – “ECHR”], only if it complies with the law, if it pursues one or more of the legitimate objectives referred to in paragraph 2 of Article 8 and if it is necessary in a democratic society to achieve those objectives” (“ Glukhin v. Russia”, “application no. 11519/20”, 4 July 2023, para. 75). This interference also occurs when video devices are used in public places which require the recording of images ("Peck v. United Kingdom", "Application no. 44647/9", 28 January 2003, paragraph 59; see also, although in a different context, “Perry v. United Kingdom”, “application no. 63737/00”, 17 July 2003, paragraph 38).

The law must in any case satisfy the necessary "quality" requirements of the legal basis, with the consequence that "in the context of the collection and processing of personal data, it is therefore essential to have clear and detailed rules governing the scope and application of the measures, as well as minimum guarantees regarding, among other things, the duration, storage, use, third party access, procedures to preserve the integrity and confidentiality of the data and the procedures for their destruction, thus providing sufficient guarantees against the risk of abuse and arbitrariness” (“Glukhin v. Russia”, cit., para. 77). This also taking into account that "the need for such guarantees [, aimed at preventing any use of personal data that may be in conflict with the guarantees of art. 8 of the ECHR], is even greater when it comes to protecting personal data subjected to automated processing [...] and above all when the available technology becomes increasingly sophisticated" (ibidem, par. 75).

In addition to being contemplated by law, any interference by public authorities with people's fundamental rights, including the right to protection of private life, must, in fact, be foreseeable, in the sense that the law must be sufficiently clear in its terms to give individuals adequate guidance on the circumstances and conditions in which the authorities are authorized to resort to the measures provided for by law (see “Copland v. United Kingdom”, “Application no. 62617/00”, 3 April 2007, par . 46).

Furthermore, it is irrelevant that the interference concerns activities or conduct that take place in a public place. As, in fact, also recently reiterated by the European Court of Human Rights, "the concept of "private life" is a broad one and not susceptible to an exhaustive definition [and] does not exclude activities that take place in a public context" , given that "there is [...] an area of interaction of a person with others, even in a public context, which can fall within the scope of "private life" ("Glukhin v. Russia", cit., para. 64 ; see also ruling “Satakunnan Markkinapörssi Oy and Satamedia Oy v. Finland”, “application no. 931/13”, 27 June 2017, paras. 129-131)

The considerations reported above, corroborated by the jurisprudence of the two Courts, are also valid in relation to forms of interference by public authorities which are presented to the associates as merely preparatory to the development of new technologies, such as, in this case, training of artificial intelligence algorithms (see in this regard, albeit with reference to the use of facial recognition systems for police purposes, the "Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement", adopted by the European Data Protection Board on 26 April 2023, where it is highlighted that "Article 52(1) of the Charter establishes the requirement for a specific legal basis. This legal basis must be sufficiently clear in its terms to provide citizens an adequate indication of the conditions and circumstances under which the authorities are authorized to resort to any data collection and covert surveillance measures. It must indicate with reasonable clarity the scope and methods of exercise of the relevant discretionary power conferred on public authorities, so as to guarantee people the minimum level of protection provided for by the rule of law in a democratic society. Furthermore, legitimacy requires adequate guarantees to ensure, in particular, respect for the rights of the individual under Article 8 of the [CDFEU]. These principles also apply to the processing of personal data for the purposes of evaluation, training and further development of [facial recognition] systems”; with regard to the quality requirements of the legal basis, in the different healthcare context, see also the recent "Decalogue for the creation of national health services through Artificial Intelligence systems", adopted by the Authority on 10 October 2023, doc. web no. 9938038, par. 1; see, also, the provisions of 13 April 2023, nos. 122 and 123, cit., relating to the processing, by public entities, in the absence of an appropriate legal basis, of personal data contained in films obtained using video devices, as part of a project which involved the use of detection algorithms of faces based on convolutional neural networks).

In the present case, as highlighted above, the existence of any legal framework, suitable in terms of rank and quality, to justify the processing of personal data carried out by a public entity, such as the Municipality, data controller, in the the scope of the “Marvel” and “Protector” scientific research projects, and the resulting interference with the fundamental rights and freedoms of the people whose data were collected and processed.

The Municipality, in fact, declared that it had trusted in good faith that the treatments in question could be brought back to the legal framework regarding urban safety. However, differently from what was believed by the Institution, the art. 5, paragraph 2, letter. a), of the legislative decree 20 February 2017, n. 14, allows Municipalities to "install video surveillance systems" for the sole purpose of "preventing and combating the phenomena of widespread and predatory crime", subject to the stipulation of an agreement for the implementation of urban security with the territorially competent Prefecture. This sector regulation - which in any case does not contemplate the use of microphones for the acquisition of the audio signal - therefore provides for a specific restriction on the purposes of the processing (see art. 5, par. 1, letter b) , of the Regulation), as the use of video surveillance images by local authorities for further processing purposes is therefore not normally permitted, especially if it conflicts with the reasonable expectations of the interested parties ( see, in this sense, precisely with reference to the field of video surveillance for urban security purposes, provision of 20 October 2022, no. 341, web doc. no. 9831369).

The Municipality also invoked art. 2-ter, paragraph 1-bis, of the Code, on the assumption that the processing carried out is necessary for the exercise of the Institution's institutional functions. In this regard, it must be highlighted that this provision of the Code still requires "compliance with Article 6 of the Regulation" and, therefore, also the quality requirements of the legal basis referred to in paragraphs. 2 and 3, which, as mentioned above, are not found in the generic provisions indicated by the Municipality. The art. 2-ter of the Code does not, in any case, apply to the processing of data relating to particular categories.

It is then noted that the Municipality considered "pertinent the provisions of Annex A.5 of the [Code] containing the ethical rules for processing for statistical or scientific research purposes, in compliance with the art. 89 of the GDPR", although it has specified that it does not believe that these provisions constitute "a legal basis specific to the Municipality". In other words, the Municipality would have implemented the principles and rules of conduct referred to in the aforementioned Code of Conduct, for the purposes of defining the methods of carrying out the two projects, without recognizing the direct applicability of the same to the specific case.

In this regard, it is noted that the Municipality has not proven that scientific research activity is included among its institutional competences, therefore it cannot be considered a "research institute or body" for the purposes of the art. 1, par. 1, letter d), of the aforementioned Rules of Ethics; nor has the Municipality proven to have acted, within the scope of the two projects, through its own Statistics Office, established pursuant to Legislative Decree 322/1989 The purpose of scientific research is not included among the institutional competences of the Municipality and, therefore, the processing of personal data in question cannot be considered authorized under the European and national legal framework which defines, among others, the subjective and objective prerequisites to carry them out (see articles 6 and 89 of the Regulation; article 106 of the Code; Ethics rules for processing for statistical or scientific research purposes).

Added to this is that among the criteria identified at international and national level to recognize the nature of a research institution in the hands of a specific entity there is, first of all, the institutional purpose pursued, which must contain a reference to the research activity , identified on the basis of what is indicated in the law or in another act establishing the organisation, or in the statute, regulation or other organizational act (see art. 5-ter of Legislative Decree no. 33 of 14 March 2013 and the Guidelines guide, adopted in implementation of the relevant paragraph 3, by the Statistical Information Steering and Coordination Committee - Comstat; see opinion of the Guarantor adopted with provision of 21 June 2018, no. 388, web doc. no. 9023239). With particular reference to particular categories of data (art. 9 of the Regulation) and data relating to crimes (art. 10 of the Regulation), the Municipality has also not indicated any legal framework that expressly provides for and regulates in detail the types of data, the operations that can be performed and the appropriate and specific measures to be adopted in relation to the processing carried out for the scientific research activities carried out in the context of the aforementioned projects, therefore lacking, also from this point of view, the conditions of lawfulness provided for by the articles. 9, par. 1, letter. g) and j), and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

Nor can the contractual agreements stipulated between the Municipality, the other project partners and the European Commission be relevant. In fact, in this regard, it is noted that these agreements attribute to the beneficiaries of the grants the responsibility for ensuring compliance with the legislation on data protection (see art. 39.2 of the "Grant Agreement" relating to the Marvel project and art. 23.2 of the "Grant Agreement" relating to the "Protector" project; see also art. 4.4 of the "Consortium Agreement" relating to the "Marvel" project, which states that "each Party is required to ensure that the collection, processing and the sharing of personal data and/or particular categories of personal data comply with the Regulation […] and other regulations […] regarding personal data. The Parties will therefore ensure the existence of a legal basis […] in accordance with the GDPR before sharing any personal data and/or special categories of personal data", as well as art. 10.8 of the "Consortium Agreement" relating to the "Protector" project, which states that "the Parties must process personal data in accordance to applicable national and EU data protection laws (including, but not limited to, authorization or notification obligations). Each Party represents and warrants that all personal data required for use in the Project and collected, processed or further used by it will be collected, processed or further used in accordance with all relevant laws and regulations (and, where applicable, with local ethical guidelines) regarding the collection, use, transport and subsequent destruction of personal data").

In light of the foregoing considerations, it must be concluded that the Municipality, in the context of the "Marvel" and "Protector" projects, processed personal data, including those relating to crimes and belonging to particular categories (religious beliefs), in contravention of the reasonable expectation of confidentiality of the interested parties, in a manner that does not comply with the "principle of lawfulness, correctness and transparency" and in the absence of a legal basis, in violation of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

3.5 Transparency of processing.

In compliance with the principle of "lawfulness, correctness and transparency", the data controller must take appropriate measures to provide the interested party, before starting the processing, with all the information required by the Regulation in a concise, transparent, intelligible and easily accessible form, with simple and clear language (articles 5, par. 1, letter a), 12, 13 and 14 of the Regulation).

When video surveillance systems are used, the data controller, in addition to providing first level information by affixing warning signs near the area subjected to video surveillance, must also provide interested parties with "second level information", which must “contain all the mandatory elements pursuant to Article 13 of the [Regulation]” and “be easily accessible to the interested party, for example through a complete information page made available in a central hub […] or posted in a place of easy access" (European Data Protection Committee, "Guidelines 3/2019 on the processing of personal data through video devices", of 29 January 2020, in particular par. 7; but see already the "Provision on video surveillance ” of the Guarantor of 8 April 2010, web doc. no. 1712680, in particular par. 3.1, as well as, lastly, the Guarantor's FAQ no. 4 regarding video surveillance, doc. web no. 9496574; see, also, provisions of 20 October 2022, n. 341, doc. web no. 9831369; 28 April 2022, n. 162, doc. web no. 9777974, 7 April 2022, n. 119, doc. web no. 9773950, 16 September 2021, n. 327, doc. web no. 9705650 and 11 March 2021, n. 90, doc. web no. 9582791).

The first level information (warning sign) “should communicate the most important data, for example the purposes of the processing, the identity of the data controller and the existence of the data subject's rights, together with information on the most significant impacts of the treatment” (Committee Guidelines, cit., par. 114). Furthermore, the signs must also contain information that may be unexpected for the interested party. This could, for example, concern the transmission of data to third parties, in particular if located outside the EU, and the retention period. If such information is not indicated, the data subject should be able to trust that there is only real-time surveillance (without any data recording or transmission to third parties) (Committee Guidelines, cit., para. 115). The first level warning sign must contain a clear reference to the second level of information, for example by indicating a website on which it is possible to consult the text of the extended information.

During the investigation, the Municipality claimed to have fulfilled its information obligations towards the interested parties by installing signs containing first-level information on data processing (see annex 1 to the protocol note n. XX of the XX ), near the cameras and microphones placed in public streets, as well as by publishing extensive information on data processing on its institutional website (https://www.comune.trento.it/content/download/1465552/13956310/ file/INFORMATIVA%20PUBLIC%20MARVEL_Rivista-1.pdf, as reported in the aforementioned note of the XX).

With reference to the information on the processing of first level data, it is noted that the same, while mentioning the "Marvel" and "Protector" projects ("retention is permitted for a maximum period of six months starting from the date of the survey, in in relation to the aims of protecting urban safety connected to the development of the European projects Marvel (grant agreement n° 957337) and Protector (grant agreement n° 101034216) and further projects financed by the European Union"), does not specifically refer to the aim of processing connected to scientific research, erroneously leaving the interested parties to understand that the processing of personal data, carried out as part of the two projects, is also attributable to the purposes of urban security; so much so that, in its defense briefs, the Municipality took note of the "possible misunderstanding generated among citizens resulting from the fact that the purpose of the data processing was not clear" and made clear its intention to "adapt the information will make it necessary to use for future occurrences." Nor can the Municipality's defense be accepted, according to which "in the information [...] they were identified and explained in relation to the legal basis of the processing considered relevant", given that, as illustrated above, the Municipality has implemented data processing personal data for a specific processing purpose, i.e. scientific research, distinct from urban security research, whose legal framework of reference (Legislative Decree 20 February 2017, n. 14), as mentioned, is not applicable to the context in question. The conduct of the Municipality has, therefore, resulted in the violation of the art. 13, par. 1, letter. c), of the Regulation

Furthermore, although the information contains a reference to audio, the interested parties were not put in a position to understand that the content of their conversations would also be acquired and processed for the purposes of the Marvel project, an aspect which is certainly to be considered one of the more substantial impacts of the treatment. Also in relation to this profile, the argument used by the Municipality in the defense brief cannot be accepted, namely that "the failure to indicate in the information that the equipment was also capable of picking up people's conversations is also justifiable from the fact that, due to the intrinsic characteristics of the recording system (as described above) the actual possibility of hearing relevant semantic contents was to be considered an almost null eventuality", taking into account that, as illustrated above at length, the possibility of acquiring the content of conversations was not, however, fundamentally excluded and that, in the documentation relating to the project, the acquisition of this content constituted a specific element of interest for the purposes of training artificial intelligence algorithms aimed at recognizing dangerous situations for public safety .

As for data retention times, the sign in question states that "audio and video data are retained for a period of seven days starting from the date of collection", reasonably with reference to the purpose of urban security. In this regard, it should be noted that art. 7, paragraph 8, of the legislative decree. February 23, 2009 allows "the conservation of data, information and images collected through the use of video surveillance systems is limited to seven days following the detection, without prejudice to special needs for further conservation". This term cannot, however, be applied in relation to audio, the collection of which is not permitted by the regulatory framework regarding video surveillance for urban security purposes. With specific regard to the "Marvel" and "Protector" projects, the same sign states that "conservation is permitted for a maximum period of six months starting from the date of the survey", a term which, however, is not reflected in the declarations made by the Common during the investigation and which is in any case inconsistent with the alleged immediate anonymization of the data. Therefore, the art. is violated. 13, par. 2, letter. a), of the Regulation.

Regarding the mention of the rights of the interested parties, the first level information limits itself to mentioning only the right of access to data, making a generic reference to "other rights recognized by law", without an express reference to the articles. 15-22 of the Regulation, resulting in a consequent violation of art. 13, par. 2, letter. b), of the Regulation. In fact, it must be highlighted that the mention in summary form in the first level information of the rights of the interested parties is permitted only to the extent that the sign contains a clear reference to the extended second level information for a complete illustration of these rights ( see the exemplary information sign proposed by the European Data Protection Committee in paragraph 116 of the aforementioned "Guidelines 3/2019 on the processing of personal data through video devices", which states that "as an interested party, you can exercise various rights, in particular the right to request the data controller to access or delete personal data. For more information on video surveillance and your rights, consult the complete information provided by the data controller [...]" (see also the similar exemplary sign published on the Guarantor's website on 3 December 2020, web document no. 9496244). In this case, the Municipality has, however, failed to provide the interested parties with clear indications regarding the methods with which the interested parties they could have consulted the complete information on the processing of personal data.

In fact, in pointing out the possibility of consulting "the complete information on the processing of personal data", as well as at the Municipality's headquarters, the first level information sign refers to the "institutional website of the Municipality", without indicating the specific page /section of this site on which the complete information can be found, thus, in effect, hindering the possibility for interested parties to access it (see, moreover, the information sign proposed, by way of example, at points 115-116 of the aforementioned Committee Guidelines, which also envisages the possibility - without there being an obligation in this regard - of inserting a so-called "QR Code", precisely for the purpose of facilitating the possibility for interested parties to quickly and easily access the information second level).

However, with regard to the second level information, it is noted that it refers "to the processing of personal data acquired through the use of video surveillance systems owned by the Municipality [...] used for the development of the European MARVEL Projects (Grant Agreement n° 957337) and PROTECTOR (Grant Agreement n° 101034216)”, without mentioning the microphones used as part of the “Marvel” project for audio collection.

Furthermore, in referring below to "video/audio sources", we omit to specify that the audio could also concern conversations between people present on public streets, an aspect which is certainly to be considered one of the most significant impacts of the treatment.

The information then completely fails to illustrate the processing of personal data concerning users who have published messages on the "Twitter" platform (X) or comments on the "YouTube" platform as part of the "Protector" project, also with regard to the communication of information relating to the "Twitter" user networks (X) to the Antwerp Police and the Bulgarian Ministry of the Interior, as well as the processing of the same information by the Local Police of the Municipality. With reference to these interested parties, or to the authors of the aforementioned messages/comments, the art. is therefore overall violated. 14 of the Regulation, taking into account that such personal data is not collected from the interested parties.

As for the legal basis of the processing, the information states that "the processing is carried out for the execution of a task of public interest, pursuant to art. 6 of EU regulation no. 2016/679", legal basis which, for the reasons illustrated above, is not applicable in reference to the "Marvel" and "Protector" research projects. Furthermore, the information presents the provision of data as mandatory, on the erroneous assumption that the two projects would pursue "purposes of protecting urban safety and public heritage, pursuant to the provisions of art. 6, paragraphs 7 and 8, of the legislative decree of 23 February 2009 n. 11 (converted with law 23 April 2009 n. 38) and by art. 3, paragraph 2, of the regulation for the use of video surveillance systems". Therefore, the art. is violated. 13, par. 1, letter. c), of the Regulation.

As regards the scope of data communication, the Municipality, on the assumption of having used adequate data anonymisation techniques, failed to inform the interested parties that their personal data are shared with the other project partners and, as regards to the “Protector” project, with the European Commission and the project reviewers, in violation of art. 13, par. 1, letter. e), of the Regulation.

Finally, it is noted that the "rights of the interested party" section does not contain any reference to the right of interested parties to "lodge a complaint to a supervisory authority", in violation of the art. 13, par. 2, letter. d), of the Regulation).

In relation to the "data retention term", it is stated that "the data are retained for a period of time not exceeding six months starting from the date of collection"; therefore, the same findings already made with regard to the first level information apply, with the consequence that the art is violated. 13, par. 2, letter. a), of the Regulation.

Taking into account all the preceding considerations, it is established that the Municipality acted in violation of the articles. 13, par. 1, letter. c) and e), par. 2, letter. a), b) and d), and 14 of the Regulation.

In light of the gravity, the transversal nature and the consequences of the violations committed by the Municipality with regards to the transparency of the processing, with particular reference to the omission of detailed information regarding the processing of the content of the conversations and the total absence of information intended for the users of "Twitter" ("X") and "YouTube", it is believed that, in this case, the Municipality has also acted in a manner that does not comply with the principle of "lawfulness, correctness and transparency", in violation of the art. 5, par. 1, letter. a), of the Regulation.

3.6 The scope of data communication.

During the investigation, the Municipality stated that the audio-video contents used within the "Marvel" project, allegedly anonymized, are shared with the project partners, while, within the "Protector" project, such contents , as well as the pseudonymized usernames of the authors of the messages/comments published on the "Twitter" ("X") and "YouTube" platforms, are shared not only with the partners, but also with the European Commission and the project reviewers.

Taking into account what has been illustrated above in relation to the inadequacy of the anonymisation techniques used (see par. 3.3), the nature of personal data of the pseudonymized information (ibidem) and the absence of a legal framework of reference for the purposes of conducting the two research projects (see par. 3.4), the communication of the personal data in question, including those relating to crimes and particular categories of data (religious beliefs), occurred in a manner that did not comply with the principle of "lawfulness, correctness and transparency" and in the absence of a legal basis, in violation of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

This is also considering that the presence of a specific user within a network of users implies that he or she has published hate messages in a religious context (which are also freely consultable on the user's profile), with the consequence that the communication in question also concerns personal data relating to crimes and particular categories of data (religious beliefs).

Furthermore, as part of the Protector project, the usernames of the authors of the messages published on the “Twitter”(“X”) platform, which constitute a network, were shared unencrypted with the Antwerp Police and the Ministry of the Interior of Bulgaria; therefore, the Municipality acted, also in relation to said processing, in a manner not compliant with the principle of "lawfulness, correctness and transparency" and in the absence of a legal basis, in violation of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

3.7 The data protection impact assessment.

In case of high risks for the interested parties - deriving, for example, from the use of new technologies and always present where large-scale systematic surveillance of an area accessible to the public is carried out (see art. 34, par. 3, letter c), of the Regulation) - the data controller must also carry out an impact assessment on data protection, in order to adopt, in particular, the appropriate measures to address such risks, consulting the Guarantor in advance, where necessary. prerequisites (see articles 35 and 36, paragraph 1, of the Regulation).

In the present case, the Municipality was certainly subject to the obligation to draw up a data protection impact assessment, pursuant to art. 36 of the Regulation, before starting the processing connected to the "Marvel" and "Protector" projects.

This, first of all, considering that, pursuant to art. 35, par. 3, letter. c), of the Regulation, the impact assessment is always required in the case of "large-scale systematic surveillance of an area accessible to the public", a circumstance which occurs in the present case, given the use of video surveillance cameras and microphones installed on public roads.

More generally, there is no doubt that, taking into account, in particular, the use of new technologies, such as artificial intelligence techniques, and the nature of the data being processed (content of conversations; data relating to crimes; data relating to religious beliefs), the Municipality was obliged to carry out an impact assessment on data protection (see art. 35, par. 1, of the Regulation; see Working Group art. 29, "Guidelines regarding data protection impact assessment and determination of the possibility that the processing "may present a high risk" for the purposes of Regulation (EU) 2016/679", of 4 April 2017, in particular section III, where it is clarified that a data protection impact assessment is required when at least two of the nine criteria indicated therein exist, which, in the specific case, can be found in "systematic monitoring", in "sensitive data or data of a highly personal nature", in "processing of large-scale data” and in the “innovative use or application of new technological or organizational solutions”.

Having clarified this, it is noted that the Municipality declared that it had drawn up an impact assessment on data protection pursuant to art. 35 of the Regulation and produced a document in the documents, called "IMPACT ASSESSMENT ON DATA PROTECTION - T-08-012 - Treatment of research projects for the development of intelligent video surveillance systems".

This document appears to be undated and does not bear the signature of either the legal representative of the Municipality or any other person authorized for this purpose, circumstances which do not allow it to be verified that the document in question was drawn up before the date of commencement of the processing and of attribute the same to the Institution.

In this regard, the Municipality stated in its defense briefs that the impact assessment would have been completed "already on 19 January 2022 (when it was shared for the first time with the DPO [...])" and that the same would was "subsequently inserted into the IT application containing the register of processing activities [...] in March 2023, only after having obtained the final opinion of the DPO". Although the Municipality believes "to have [therefore] documented the fact that the Municipality had carried out the impact assessment before the start of the treatments (February 2022 for the video part, March 2023 for the audio part) and that the evaluation itself is attributable to the Entity), it must, however, be observed that the Entity has not produced any evidence aimed at proving the actual insertion of the document in question "in the IT application containing the register of processing activities" and that this procedure was suitable to attribute a certain date to the document. In any case, the circumstance is confirmed that this document was not validly signed by the Mayor or by another person with the necessary powers for the purposes of the necessary assumption of responsibility for what is represented in it.

In light of the foregoing considerations, it is confirmed that the Municipality has not demonstrated that it has drawn up an impact assessment on data protection before implementing the processing of personal data as part of the "Marvel" and "Protector" projects.

It is then noted that, in any case, the document in question concerns exclusively the processing of personal data connected to the use of "intelligent video surveillance systems" and, therefore, it does not take into consideration the processing carried out within the scope of the “Protector” project with reference to the personal data of users of “Twitter” (“X”) and YouTube.

This document is, more generally, unsuitable for satisfying the requirements of the art. 35, par. 7, of the Regulation, given that the "Marvel" and "Protector" projects, of which no express mention is made, are not precisely described (see art. 35, par. 7, letter a), of the Regulation).

Furthermore, the document does not contain any assessment regarding the "necessity and proportionality of the processing in relation to the purposes" and in particular does not illustrate the reasons why the Municipality could not have conducted the scientific research projects in question in simulated urban environments , or without collecting and processing the personal data of people actually present in the public street or without processing certain types of data characterized by particular sensitivity, such as the content of conversations (see art. 35, par. 7, letter b), of the Regulation).

The impact assessment is then limited to considering only the possible violations or threats of data security, moreover in reference to IT systems and databases which are not clearly identified and described, making the analysis carried out completely generic and divorced from the actual means of processing, even very sophisticated from a technological point of view, used in the two projects in question, making it therefore impossible to understand the actual impending risk in terms of data security and the suitability of the measures implemented by the owner to mitigate the same ( art. 35, par. 1, letter d) of the Regulation).

However, the document does not take into consideration in any way the other risks for the rights and freedoms of the interested parties (art. 35, par. 1, letter c), of the Regulation) not connected to the physical and logical security of the data, especially with regard to the possible consequences for data subjects deriving from the processing of particularly sensitive information such as the content of conversations, data relating to crimes and data relating to religious beliefs. Nor are the measures adopted to mitigate these risks analyzed (art. 35, par. 1, letter d) of the Regulation).

Finally, it is believed that, taking into account the particular invasiveness of the treatments relating to the capture of audio in public streets and the consequent compression of the fundamental rights and freedoms of the interested parties, the Municipality should have previously collected the opinions of the citizens regarding the initiative that it was intended to undertake (art. 35, par. 9, of the Regulation).

In light of the preceding considerations, it is believed that the Municipality acted in violation of the art. 35 of the Regulation.

4. Conclusions.

In light of the assessments mentioned above, it is noted that the declarations made by the data controller during the investigation are the truthfulness of which one may be called upon to respond to pursuant to art. 168 of the Code ˗, although worthy of consideration, do not allow us to overcome the findings notified by the Office with the act of initiating the proceedings and are insufficient to allow the dismissal of the present proceedings, as, moreover, none of the cases provided for by the 'art. 11 of the Guarantor Regulation n. 1/2019.

Therefore, the preliminary assessments of the Office are confirmed and the illegality of the processing of personal data carried out by the Municipality is noted, for having implemented processing of personal data in a manner that does not comply with the principle of "lawfulness, correctness and transparency", in violation of the art. 5, par. 1, letter. a) of the Regulation; in the absence of a legal basis, in violation of the articles. 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to provide interested parties with some of the information required by data protection regulations, in violation of 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), and 14 of the Regulation; communicating personal data to third parties, including those relating to crimes and particular categories (religious beliefs), in the absence of a legal basis, in violation of articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to draw up a data protection impact assessment compliant with the requirements of data protection legislation, in violation of art. 35 of the Regulation.

Taking into account that the multiple violation of the aforementioned provisions took place as a result of a single conduct (same treatment or related treatments), art. 83, par. 3 of the Regulation, pursuant to which the total amount of the administrative fine does not exceed the amount specified for the most serious violation. Considering that, in the present case, all violations, with the exception of that relating to art. 35 of the Regulation, are subject to the administrative sanction provided for by art. 83, par. 5 of the Regulation, as also referred to in art. 166, paragraph 2, of the Code, the total amount of the fine is to be quantified up to €20,000,000.

However, the dispute relating to the violation of the art. 28 of the Regulation, which was made against the Municipality on the assumption that, in response to the Authority's requests for information, the Body had filed a unilateral designation deed, signed solely by the Mayor, without there being evidence that the Foundation had accepted this designation, undertaking to fulfill the obligations set out therein. In its defense briefs, the Municipality has, in fact, declared that only "due to a mere material error" a non-registered version of the document had been sent to the Authority, that "the act of appointment [of the Foundation as data controller] was formalized with union decree, digitally signed by the Mayor [...] on 3 February 2022" and that "the decree was then transmitted [to the Foundation], which returned a copy countersigned on 7 February 2022 by its legal representative for acceptance of the appointment" , therefore having to order the dismissal of the proceedings limited to this profile (art. 11 of Regulation no. 1/2019).

Likewise, with regard to the clear visibility to the local Police of the Municipality of the data relating to the networks of "Twitter" ("X") users, we take note of what was declared by the Municipality regarding the circumstance which, in fact, does not there was "never [...] access to the data by the local Trentino Police Force" (defense briefs in documents). Given that the local police - which does not have general competences in matters of public security (see law 7 March 1986, n. 65) - did not process the data in question outside the specific purposes of the research project, i.e. for take measures against specific natural persons, the proceedings are archived, limited to this profile and the related disputed violations of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code (art. 11 of Regulation no. 1/2019).

5. Corrective measures (art. 58, par. 2, letter d), f) and g) of the Regulation).

The art. 58, par. 2 of the Regulation gives the Guarantor the power to "order the data controller or data processor to conform the processing to the provisions of this regulation, if appropriate, in a specific manner and within a specific deadline" (letter d) , to "impose a temporary or definitive limitation on processing, including a prohibition on processing" (letter f), as well as to "order the rectification, deletion of personal data or limitation of processing [...]" (letter g) .

Taking into account that the Municipality declared in its defense statement that "starting from 1 November 2023, steps have been taken to limit the processing of data, blocking any activity that could lead to its detection or use, with the exception of mere conservation even at defensive purposes" and expected, therefore, that the Municipality, even though it has abstained from further collection of personal data, still retains personal data relating to natural persons, obtained as part of the "Marvel" and "Protector" projects, yes makes it necessary, pursuant to art. 58, par. 2, letter. d), f) and g), of the Regulation:

impose a ban on further processing of the aforementioned personal data (video or audio recordings; messages/comments obtained from social networks; information relating to user networks on the “Twitter”/“X” platform); And

order their cancellation.

Pursuant to the articles. 58, par. 1, letter. a), of the Regulation and 157 of the Code, the Municipality must also communicate to this Authority, providing adequately documented feedback, within thirty days of notification of this provision, the initiatives undertaken in order to implement the requirements given to it.

6. Adoption of the injunction order for the application of the pecuniary administrative sanction and accessory sanctions (art. 58, par. 2, letters i and 83 of the Regulation; art. 166, paragraph 7, of the Code).

The Guarantor, pursuant to articles. 58, par. 2, letter. i) and 83 of the Regulation as well as art. 166 of the Code, has the power to "impose a pecuniary administrative sanction pursuant to article 83, in addition to the [other] [corrective] measures referred to in this paragraph, or in place of such measures, depending on the circumstances of each single case" and, in this context, "the Board [of the Guarantor] adopts the injunction order, with which it also provides for the application of the additional administrative sanction of its publication, in full or in extract, on the website of the Guarantor pursuant to article 166, paragraph 7, of the Code” (art. 16, paragraph 1, of the Guarantor Regulation no. 1/2019).

In this regard, taking into account the art. 83, par. 3 of the Regulation, in this case the violation of the aforementioned provisions is subject to the application of the pecuniary administrative sanction provided for by the art. 83, par. 5, of the Regulation.

The aforementioned pecuniary administrative sanction imposed, depending on the circumstances of each individual case, must be determined in the amount taking into due account the elements provided for by the art. 83, par. 2, of the Regulation.

As regards the nature and seriousness of the violation and the sensitivity of the data affected by the violation (art. 83, par. 2, letters a) and g), of the Regulation), it must be considered that the processing in question involved public places and it was carried out without the filmed subjects being fully aware of the actual processing purpose pursued and the scope of knowledge of the data, as well as in the absence of the necessary lawfulness conditions, with consequent prejudice to their fundamental rights and freedoms.

Furthermore, in the absence of sufficient transparency towards the interested parties, the processing also concerned the audio signal acquired through microphones installed on public streets and therefore also private conversations, the content of which is supported by the highest constitutional guarantees (see the "Guidelines 3/2019 on the processing of personal data through video devices", cit., in particular point 129, which states that "the solutions identified should not include unnecessary functions (for example, [...] audio recordings)" , as well as the subsequent point 131, which states that among the elements that the owners should take into consideration is the "appropriate and prohibited use (where and when video surveillance is permitted and where and when it is not: for example, use of hidden cameras and audio as well as video recording)”).

These massive and invasive methods of processing have entailed significant risks for the rights and freedoms of the interested parties. This not only with regard to the right to data protection but also to other rights, of constitutional rank, connected to the free expression of thought (art. 21 Constitution; see also articles 9 and 10 ECHR and articles 10 and 11 CDFEU ), participation in political and social life (articles 2 and 3 of the Constitution), freedom of assembly (article 18 of the Constitution; see also articles 11 of the ECHR and 12 of the CDFEU) and the freedom to express one's religious faith (art. 19 Constitution; see also articles 9 ECHR and 10 CDFEU), of which the right to privacy, as it is functional to the self-determination of the individual, constitutes a necessary prerequisite. Similar forms of surveillance in public spaces can, in fact, change people's behavior and even affect the exercise of democratic freedoms, especially when the surveillance contravenes the reasonable expectation of privacy of those subjected to it.

In light of these circumstances, it is believed that, in the present case, the level of severity of the violation committed by the data controller is high (see European Data Protection Committee, “Guidelines 04/2022 on the calculation of administrative fines under the GDPR” of 23 May 2023, point 60)”.

Having said this, it is necessary to consider the following mitigating circumstances:

that although the "Marvel" and "Protector" projects were conducted over a long period of time (approximately 20 and 15 months respectively), the video recordings were not acquired on a continuous basis but only in relation to a limited number of hours (309 hours for the “Marvel” project; 18 hours for the “Protector” project, of which only 4 hours are currently preserved). Similarly, as regards the audio obtained from the microphones installed on public streets as part of the "Marvel" project, the Municipality acquired a limited number of hours of recording overall (85, equal to less than four days), in a 8 month time frame. Furthermore, audio tracks of just 1 consecutive minute were acquired from each microphone, which, according to the Foundation's declarations, reported by the Municipality in its defense briefs, would largely contain silence or indistinguishable noises;

that the Municipality acted in good faith, having made an error in law, in the belief that the processing in question could be subsumed within the legal framework relating to urban security and that the measures aimed at anonymising the data were sufficient to avoid the possibility of identifying the interested parties, having, moreover, the Entity relied on the assessments of its Data Protection Officer (see, albeit in a different context, provision dated 2 July 2020, no. 118, web doc. no. 9440025) and on the specialist advice received from the Foundation, a person with high expertise in the field of scientific research;

that the Municipality, even though it has not fully fulfilled its obligations regarding transparency, declared that it has promoted "forms of public dissemination of the Projects including press releases, press releases on the Municipality's institutional website, dissemination of information regarding the Projects also via social networks of the Municipality and the Mayor” (defense briefs in documents);

that although the Municipality has not proven the certain date of preparation of the impact assessment on data protection and the document was not fully compliant with the requirements established by the legislation on data protection, it appears in documents that the Body had taken steps to drafting an impact assessment scheme and sharing it with the Data Protection Officer, whose opinion has been obtained.

On the basis of the aforementioned elements, evaluated as a whole, it is decided to determine the amount of the pecuniary sanction in the amount of 50,000 (fifty thousand) euros for the violation of the articles. 5, par. 1, letter. a), 6, 9, 10, 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), 14 and 35 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code, as a pecuniary administrative sanction deemed, pursuant to art. 83, par. 1 of the Regulation, effective, proportionate and dissuasive.

Taking into account that the audio-video surveillance activity in question involved public places, implementing a processing of personal data that "allows [to detect] the presence and behavior of people in the space considered" ("Guidelines 3/2019 on processing of personal data through video devices", par. 2.1, cit.), without the interested parties being fully aware of the actual processing purpose pursued and of all the characteristics of the processing, with consequent prejudice to their fundamental rights and freedoms , it is also believed that the additional sanction of publication of this provision on the Guarantor's website, provided for by art., should be applied. 166, paragraph 7 of the Code and art. 16 of the Guarantor Regulation n. 1/2019.

Finally, it is noted that the conditions set out in art. 17 of Regulation no. 1/2019.

ALL THIS CONSIDERING THE GUARANTOR

declares, pursuant to art. 57, par. 1, letter. f), of the Regulation, the illegality of the processing carried out by the Municipality of Trento due to violation of the articles. 5, par. 1, letter. a), 6, 9, 10, 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), 14 and 35 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code, within the terms set out in the justification;

ORDER

to the Municipality of Trento, in the person of the legal representative pro tempore, with registered office in Via Belenzani, 19 - 38122 Trento (TN), C.F. 00355870221, to pay the sum of 50,000 (fifty thousand) euros as a pecuniary administrative sanction for the violations indicated in the justification. It is represented that the offender, pursuant to art. 166, paragraph 8, of the Code, has the right to settle the dispute by paying, within 30 days, an amount equal to half of the fine imposed;

ORDERS

to the aforementioned Municipality:

a) in case of failure to resolve the dispute pursuant to art. 166, paragraph 8, of the Code, to pay the sum of 50,000 (fifty thousand) euros according to the methods indicated in the annex, within 30 days of notification of this provision, under penalty of the adoption of the consequent executive acts in accordance with the art. 27 of the law. n. 689/1981;

b) pursuant to art. 58, par. 2, letter. d), f) and g) of the Regulation:

the prohibition on processing the personal data of interested parties already collected in the context of the "Marvel" and "Protector" projects (video or audio recordings; messages/comments obtained from social networks; information relating to user networks on the "Twitter"/" platform X”);

the cancellation of the aforementioned personal data;

c) pursuant to articles. 58, par. 1, letter. a), of the Regulation and 157 of the Code, to communicate to this Authority, providing adequately documented feedback, within thirty days of notification of this provision, the initiatives undertaken in order to implement the measures imposed; any failure to comply with the provisions of this point may result in the application of the pecuniary administrative sanction provided for by the art. 83, par. 5, of the Regulation;

HAS

pursuant to art. 166, paragraph 7, of the Code, the publication of this provision on the Guarantor's website, believing that the conditions set out in the art. 17 of the Guarantor Regulation n. 1/2019.

Pursuant to the articles. 78 of the Regulation, 152 of the Code and 10 of Legislative Decree no. 150/2011, it is possible to appeal against this provision before the ordinary judicial authority, under penalty of inadmissibility, within thirty days from the date of communication of the provision itself or within sixty days if the appellant resides abroad.

Rome, 11 January 2024

PRESIDENT
Stanzione

THE SPEAKER
Ghiglia

THE GENERAL SECRETARY
Mattei



SEE ALSO Press release of 25 January 2024



[doc. web no. 9977020]

Provision of 11 January 2024

Register of measures
n. 5 of 11 January 2024

THE GUARANTOR FOR THE PROTECTION OF PERSONAL DATA

IN today's meeting, which was attended by prof. Pasquale Stanzione, president, Prof. Ginevra Cerrina Feroni, vice-president, Dr. Agostino Ghiglia and the lawyer. Guido Scorza, members and the councilor. Fabio Mattei, general secretary;

HAVING REGARD to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, relating to the protection of natural persons with regard to the processing of personal data, as well as the free movement of such data and which repeals Directive 95/46/ EC, “General Data Protection Regulation” (hereinafter, “Regulation”);

HAVING REGARD TO Legislative Decree 30 June 2003, n. 196 containing "Code regarding the protection of personal data, containing provisions for the adaptation of national law to Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, relating to the protection of natural persons with regard to the processing of personal data, as well as the free circulation of such data and which repeals Directive 95/46/EC (hereinafter the “Code”);

GIVEN Regulation no. 1/2019 concerning internal procedures with external relevance, aimed at carrying out the tasks and exercising the powers delegated to the Guarantor for the protection of personal data, approved with resolution no. 98 of 4 April 2019, published in the Official Gazette. n. 106 of 8 May 2019 and in www.gpdp.it, doc. web no. 9107633 (hereinafter “Guarantor Regulation no. 1/2019”);

Having seen the documentation in the documents;

Having seen the observations made by the general secretary pursuant to art. 15 of the Guarantor's Regulation no. 1/2000 on the organization and functioning of the office of the Guarantor for the protection of personal data, doc. web no. 1098801;

Speaker Dr. Agostino Ghiglia;

PREMISE

1. Introduction.

From press reports we learned that at the Municipality of Trento (hereinafter, the "Municipality"), three systems would form the subject of experimentation, with the support of the Bruno Kessler Foundation (hereinafter, the "Foundation" or "FBK"). of artificial intelligence, called “Marvel”, “Protector” and “Precrisis”, whose development projects would have been financed under European Union research programs, which would involve the collection of information in public places through microphones and cameras video surveillance, in order to detect potential dangerous situations for public safety.

2. The preliminary investigation activity.

With note dated XX, the Authority addressed a request for information to the Municipality, pursuant to art. 157 of the Code, in relation to the processing of personal data carried out as part of the aforementioned projects.

In response to this request for information, the Municipality, with note prot. n. XX of the XX, declared, in particular, that:

“the Municipality […] is a partner in three development projects called MARVEL, PROTECTOR and PRECRISIS, financed under European Union research programmes”;

“[…] thanks to the use of specific artificial intelligence algorithms developed by [the] Foundation […], the personal data recorded via audio and video sources […] are automatically anonymized at the time of collection”;

“the Municipality […] has carried out, with the support of the Personal Data Protection Officer [“RPD”], a specific impact assessment [on data protection] […]”;

“[…]biometric data, in particular technologies aimed at carrying out facial recognition, are not used […]”;

“[…] the systems […] are developed as part of research projects […] [in which] the Municipality […] participates and has participated […] as a use case, making its own expertise available infrastructure […]”.

With specific regard to the "Marvel" project, the Municipality declared, in particular, that:

“as part of the European project MARVEL - Multimodal Extreme Scale Data Analytics for Smart Cities Environments (Grant Agreement - GA n. 957337 - MARVEL dd. 07/22/2020 and subsequent amendments), coordinated by FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS (FORTH ) - EL, the Foundation […] is the partner that provides part of the hardware infrastructure for data processing and audio/video anonymization technologies […]. The end date of the project is scheduled for 12/31/2023”;

“MARVEL is a project that aims to develop a distributed computing framework, composed of computing resources at the “edge” and resources in the “cloud”, with the aim of enabling multimodal perception and intelligence for scene recognition audiovisual, event detection and so-called smart urban security. Through the collection and analysis of data from multimodal audiovisual streaming, the project intends to improve the quality of life and services to citizens within the smart city paradigm, without violating ethical and privacy limits, in a responsible manner for the artificial intelligence ([…] “AI”). This is achieved through the combination and real-time analysis of large-scale distributed multimodal audiovisual data and the support for automated decision making at all levels of the distributed computing framework”;

“as regards the infrastructure, the Foundation [...] - upon indication of the Municipality [...] - provides two workstations in its laboratories. The first workstation accesses the Municipality's cameras [...] through a VPN (Virtual Private Network). The second workstation connects via VPN to the project's computing platform (created as a "cluster" of computing nodes distributed among the project partners), to make the anonymized video streams available";

“in addition, the Foundation […] designed and assembled six devices for recording audio signals via microphones […]. These devices were installed in February 2023 in the Municipality's network [...] and are accessible by the Foundation [...] via the aforementioned VPN. Audio streams are managed in the same way as video streams”;

“as part of the […] MARVEL project, the Foundation […] deals with the acquisition of audio and video data. The video data is provided by 14 IP surveillance cameras of the Municipality [...], 6 of which are used to create the prototype of the project. The Foundation […] has access to non-operational real-time video streams via VPN by means of credentials, in order to securely access […]. The video data is immediately anonymized [...] on the Foundation's workstation [...] which accesses the video stream";

“the audio signals are acquired by a device created and installed as part of the project activities: it is a [so-called “single board computer”] to which 2 MEMS microphones are connected. The device reads audio signals from MEMS microphones, anonymizes them, and makes them available, anonymized only, via an RTSP server. This solution allows you to implement a privacy-by-design component, anonymizing the audio signals directly on the device […]. The methods of accessing anonymized audio data are similar to those of video data";

“the anonymized audio and video streams are forwarded, via the second workstation mentioned above, to the project's calculation platform, making the anonymized streams available to the other project partners”;

“at the request of the Coordinator and in agreement with the Municipality […], the Foundation […] periodically uploads the anonymized audio and video data into the data corpus of the MARVEL project (repository, hosted in the server farm of one of the project partners, in which the data is made available for the development of audio-video analysis algorithms)”.

With specific regard to the "Protector" project, the Municipality declared, in particular, that:

“as part of the European project PROTECTOR - PROTECTing places of wORship (Grant Agreement - GA n. 101034216 - PROTECTOR | ISFP-2020-AG-PROTECT, dd. 02/28/2021 and subsequent amendments), coordinated by SAHER (EUROPE) OU - EE, the Foundation […] is Technical Coordinator and Work Package (WP) Leader and, in particular, responsible for the development of the software platform called PROTECTOR Platform. The project lasted 25 months, from 04/01/2021 to 04/30/2023”;

“PROTECTOR is a project that aimed to improve the protection of places of worship at an urban level through the analysis of hate crimes and terrorist threats, as well as the evaluation of security measures and the responses given by the security forces order in such contexts. The project developed a specific security strategy for places of worship. Furthermore, new technological components were developed and tested […] according to the principles of the so-called ethics/privacy-by-design, in selected places of worship in Belgium (Antwerp), Bulgaria (Sofia) and Italy (Trento), in order to improve the analytical capabilities of law enforcement agencies”;

“[…] the PROTECTOR platform is configured as a solution that acquires data from video surveillance cameras and textual data derived from social media, processes them and displays relevant information for law enforcement, in order to identify risks and threats to the safety of places of worship”;

“the platform is made up of various software modules, with different functionalities. The automatic analysis of visual and textual data is carried out through software modules based on AI technologies. Regarding the modules for the analysis of visual data we have:

automatic object detection component: module based on object detection technologies ([…]) for the detection and classification of objects of interest (for example: cars, pedestrians, bicycles). Only the category of objects on the scene is detected and not their specific identity[;]

object movement tracking component: module for detecting the trajectories of objects of interest (or visual tracking), identified thanks to the module described previously. The module is based on open source code […], publicly available[;]

anomaly detection component: module for the detection of anomalous situations in urban areas and for their categorization (for example: situations of crime or deviance). This anomaly detection component uses publicly available libraries such as the CLIP vision language model and trajectory clustering methodologies to identify anomalies in movements. The AI modules described above for video data analysis use datasets publicly available in the literature to train deep learning models, while refinement and evaluation are carried out using the data acquired by the PROTECTOR platform in anonymized form [...]";

"in relation to the modules for the analysis of data on social networks we have:

component for automatic detection of religious hate messages from Twitter and YouTube comments. The objective is to monitor any escalation of hatred (mainly of a religious nature or connected to it) and, therefore, no information relating to user profiles is acquired, but only information relating to the textual content of the posts[;]

component of analysis of emotions detected in religiously themed Twitter posts and YouTube comments. Also in this case, the objective is to carry out monitoring on aggregate data to understand whether online discourse is characterized by unexpected peaks of aggression, anger or other negative emotions on the topic of religion[;]

component for detecting disinformation linked to religious fake news, aimed at monitoring the presence of religious-themed disinformation on Twitter. To automatically identify religiously themed hate messages online, we use both generic datasets and data collected specifically for PROTECTOR, including comments posted on Twitter and YouTube. These comments are anonymized by removing user names and replacing users and URLs present in the text of the posts with USER and URL. The social media analytics components employ Transformer-based language models: dictionary-based approaches and semantic searches to detect hate speech, emotion, geographic locations, and religious misinformation in the aforementioned social media posts."

“as part of the [“Protector”] project […], the Foundation […] is responsible for developing AI technologies for the analysis of video surveillance scenes solely starting from visual data, however the processing of no audio signal”;

“[…] for the 11 static IP surveillance cameras of the Municipality […] involved in the project, the Foundation […] [provides] access to the internal network of the Municipality […] and to the non-operational real-time video stream for by means of specific credentials […]. Once the connection was established, the Foundation [...] acquired a non-operational video stream from each camera involved in the project, reaching its IP address";

“The video data is immediately anonymized by automatically blurring faces and vehicle license plates, thereby removing personal identifiers and ensuring that people cannot be identified […]. The acquired video data passes through the Foundation's systems [...] for the time strictly necessary for anonymization and, subsequently, definitively deleted";

“the anonymized data relating to the images of the Municipality's cameras [...] are saved on the Foundation's servers [...] to be processed by AI algorithms [...]; they are also accessible through the PROTECTOR platform exclusively to members of the Consortium and the European Commission; their circulation outside the project itself is therefore not envisaged";

With specific regard to the “Precrisis” project, the Municipality declared that “[for] PRECRISIS - PRotECting public spaces thRough Integrated Smarter Innovative Security (Grant Agreement - GA n. 101100539 - PRECRISIS | ISF-2022-TF1-AG-PROTECT dd. 17/02/2023), the Foundation [...] is Technical Coordinator and Work package Leader. The project officially started on 05/01/2023 and has an expected duration of 24 months. The same is currently in the activation phase and no AI-based software component has yet been developed [...;] before the concrete activation of this project, all measures will be adopted to make the processing of necessary personal data compliant with the [Regulation] ”.

The Municipality then, more generally, declared that:

“the processing is carried out exclusively for purposes related to the development of the projects […]”;

“the legal basis for the normal video surveillance activity implemented by the Municipality, through the local police force, can be found […] [in] art. 6, paragraph 1, letter e, [of the Regulation]), in particular pursuant to the provisions of [legislative decree] no. 11/2009, converted into [l.] n. 38/2009, which assigns specific tasks to Municipalities in the field of urban safety by establishing, in art. 6, paragraph 7, that "for the protection of urban security, municipalities may use video surveillance systems in public places or places open to the public";

“video surveillance processing is also attributable to the provisions of Directive 2016/680 and Legislative Decree no. 51/2018, as well as the specific legislation relating to the local police force and/or the so-called decree. “Minniti” [i.e. the legislative decree 20 February 2017, n. 14]”;

“[…] the provisions of Directive 2016/680 and Legislative Decree no. 51/2018 will eventually become applicable when the experimental phase is concluded and the functions developed through the research projects will be made usable in the use of municipally owned video surveillance systems by the local police force. At present, in fact, these functions, being still in the development phase, have not been made available when using these systems; therefore, the aforementioned legal basis is not relevant”;

“[…] the general function of public interest or connected to the exercise of public powers […] can also be traced back to the art. 2 of the Local Authorities Code (regional law 3 May 2018, n. 2 and subsequent amendments), where the cultural, social and economic development of the population is included among the administrative functions of local interest attributed to the municipalities, which includes - in general terms - the development of the “Trento Smart city” project, which also includes the projects under examination”;

"since these are research projects, the provisions of Annex A.5 of the [Code] containing the ethical rules for processing for statistical or scientific research purposes were also deemed relevant, in compliance with the art. 89 of the [Regulation]”;

“[…] finally, the conventional agreements signed by the Municipality […] and the Foundation […] are considered relevant for the purposes of participation in the projects (Grant Agreement and Project Consortium Agreement)”;

as regards "the date from which the processing of personal data carried out through each of the aforementioned systems was carried out is identifiable: as regards videos, February 2022; as regards audio, March 2023”;

“[...] at present the projects are still in the experimental phase, as the development of the artificial intelligence algorithms that should implement the functionality of video surveillance systems by identifying and reporting potentially dangerous events has not yet been completed. Furthermore, it is specified that, starting from the date [above] indicated [...], the collection of the audio and video streams necessary for the development of the algorithms does not take place only in controlled environments and with the involvement of people who have given their consent to participate to the project, but also in the urban environment, i.e. through the cameras and microphones installed in some squares and streets of the city";

“[…] the areas of the city in which to place the cameras and microphones were selected as they were deemed […], particularly relevant in relation to the potential occurrence of significant events for the purposes of collecting samples useful for training the algorithms” ;

“[…] the Foundation […] is the technological partner of the Municipality […] in the development of the three research projects […] [and it has] been identified as the only entity external to the Municipality […] responsible for carrying out, through the management of audio and video flows produced by microphones and cameras, the processing of personal data aimed at the development of artificial intelligence algorithms. Based on this approach, the Municipality [...] proceeded to formalize with a union decree the appointment of the Foundation [...] as data controller pursuant to art. 28 of the Regulation […]”;

"no steps were taken to appoint the other project partners as data controllers, as it is envisaged that any communication to them of the data used within the projects will take place exclusively in anonymous form";

“[…] the video devices (cameras) previously already present and in operation in the municipal territory and currently used for the development of the projects only allow video recording and therefore do not acquire nor did they acquire in the past audio data”;

"the audio devices (microphones) currently used for the development of the projects, on the other hand, were not previously already present and in operation in the municipal territory and were installed during the current year [...] starting from the date indicated above";

“the data analyzed are anonymized at the source [...], in proximity to the devices used to collect this information, they are not shared with third parties nor useful for profiling citizens. Situations are controlled by analyzing multimedia information in real time, using machine learning algorithms. More simply, through software and algorithms dedicated to identifying anomalies, which operate by comparing the audio and video received with a set of audio and video tests, previously simulated to instruct the machine to recognize dangerous situations. Once the anomaly has been recognised, the system under development could – potentially – be used to alert local authorities, signaling the type of event to intervene more quickly and more effectively to support citizens. It would be up to the Local Police operator, who monitors the images coming from the cameras, to establish whether it is necessary to intervene or not; it is not the system that determines which actions must be implemented to respond to situations of potential threats. The MARVEL system is not able to analyze or understand conversations, but only to associate audio and video with situations considered dangerous";

“pursuant to articles. 13 and 14 of the Regulation [...], steps have been taken to provide interested parties with information relating to the processing carried out for the development of the projects in the following ways: placement of specific signs with simplified information in correspondence with the places where the microphones and cameras; publication on the municipal website of detailed information on the processing of personal data acquired. For further transparency purposes, citizens were also informed about the development of the projects and their characteristics and implications during a specific press conference held on 8 May 2023, which was followed by the publication on the specific municipal website Press release";

“as part of the […] MARVEL project, audio signals are anonymized directly at the source. The microphones are connected to [a so-called “single board computer”] which detects the segments containing speech and modifies the characteristics of the voice so as to make the speaker no longer recognizable, and then makes the anonymized signals available for further processing. […] Removing voice characteristics uses [a specific] library […]”;

“As part of the European MARVEL and PROTECTOR projects, raw videos are anonymized to remove personally identifiable information and/or characteristics, including people's faces and vehicle license plates. Anonymization is achieved by first detecting faces and license plates on each video frame and then applying Gaussian blur to the detected regions. To detect faces and license plates, the generic object detector […] is used, pre-trained on [a] publicly available dataset […]. The face detector was further refined using the […] benchmark, a publicly available dataset. The license plate detector was further trained using annotated videos captured as part of the MARVEL project.”

In response to a further request for information from the Authority (prot. note n. XX of XX), the Municipality, with prot. note. n. XX of the XX, declared, in particular, that:

the activities under investigation "fall within the scope of European projects - MARVEL, PROTECTOR and PRECRISIS - whose objectives and methods of implementation are the subject of specific "Agreements" signed for each project between the European Commission, the Coordinator and the Partners of project beneficiaries of funding";

“the PROTECTOR project has already ended, the MARVEL project will end at the end of the current year, while the PRECRISIS project began in May 2023 and is scheduled to end in April 2025 […]. To date, no personal data processing activity has been undertaken by the Municipality [...] (nor by the Foundation [...]) in relation to this latest project, as it is still in the planning and context analysis phase" ;

"as regards [...] the participation of the Municipality [...] in the projects, the legal basis of the processing is identified in the legal and statutory provisions (art. 2 regional law no. 2/2018, articles 3 and 7 Statute of the Municipality […]) which include among the administrative functions of local interest attributed to the municipalities the cultural, social and economic development of the population, to which the development of the “Trento Smart city” program (as a strategic project of the Municipality) can certainly be traced back, in which the [aforesaid three] projects include […]”;

“furthermore, also pursuant to the new art. 2 ter paragraph 1 bis of the [Code], the processing of personal data carried out for, and within, such projects were considered necessary for the exercise of such functions and the pursuit of their purposes";

“the provisions of Annex A.5 of the [Code] containing the ethical rules for processing for statistical or scientific research purposes have been recalled, for relevance, in the document “Compliance with the ethical requirements established for the participation of people in European projects - MARVEL (Grant Agreement no. 957337) and PROTECTOR (Grant Agreement no. 101034216)” which describes the measures planned/adopted both by the Municipality […] and by the Foundation […] to regulate the processing of personal data carried out in the context of aforementioned projects, thus not wanting to imply that it is a legal basis specific to the Municipality [...]. [The] Foundation […] participates in the project activities in its capacity as a non-profit research body of public interest […] whose main purpose is to promote, carry out and develop scientific research activities and to disseminate and enhance the results of the same both in the perspective of the advancement of knowledge and of service to the local community (articles 1 and 2 of the Foundation's Statute)”;

“the research staff of the Foundation [...] aligns their research and study activities - also for the [aforesaid three] projects [...] with the ethical principles and rules [...], principles and rules which are attached to the Code of Conduct of the same Foundation”;

“it is confirmed that the anonymization of audio data consists in the replacement of the speaker's voice, maintaining the characteristics of the audio signal as unaltered as possible, including the semantic content of speech. This approach, compared to a complete elimination of conversations from the audio signal, responds to the objective explicitly foreseen in the Grant Agreement signed with the European Commission (description of Task 3.1 of Work Package 3, pages 20-21 of Annex 1 (part A ) of the Grant Agreement) to develop minimally intrusive anonymization techniques that preserve the acoustic context and allow effective processing of signals without loss of information";

“the risk associated with this approach was assessed in the context of the ethical screening activities requested by the European Commission for the MARVEL project and carried out by the Coordinator - Foundation for Research and Technology Hellas (FORTH - EL) and by the partners responsible for the legal, ethical aspects , data protection and AI - Privanova Sas (FR) and Univerzitet u Novom Sadu Fakultet Tehnickih Nauka (UNS - RS) […] The risk was classified as low in Deliverable D9.5. This deliverable will soon be updated - by the Coordinator and the partners mentioned above - in D2.6 and whose submission is expected in December 2023";

“within the MARVEL project, it is important to distinguish two different uses of the audio (and video) tracks, corresponding to two different purposes of the project: the prototype/demonstrator and the data corpus.

The project prototype/demonstrator, accessible exclusively to MARVEL project partners, is not in continuous operation, but is activated for limited time periods linked to specific project activities (research, development, benchmarking, evaluation, etc.). The prototype/demonstrator, in addition to allowing Partners to analyze anonymized audio (and video) signals in real time, makes temporary copies of short anonymized audio (and video) segments associated with relevant events, in order to allow them to be displayed in the intended dashboard. to users (project partners' staff);

the data corpus involves the archiving of anonymized audio (and video) tracks in a storage space accessible to the Partners who have access to the project platform. The data is stored with metadata about the time, date and location of the recording. This data allows "ex-post" analysis. Even in this case these are not continuous recordings, but recordings that cover short periods of time";

"[this] approach [...] is also expressed in the contract for the appointment of the person responsible for processing personal data stipulated between the Municipality [...] and the Foundation [...] and in the analysis document attached to the same, in which the progressive implementation was envisaged by FBK of the following forms of anonymization of audio data: removal of segments containing speech from the data recorded on FBK servers; removal of segments containing speech from data recorded on devices connected to microphones; conversion of the voice of speakers registered on the FBK servers [...]. The final solution created in the project, which involves the conversion of the speakers' voices on the devices connected to the microphones, is an improvement compared to the solutions provided in the aforementioned annex";

“[with regard to] videos [in the context of the] MARVEL and PROTECTOR project […] the risk associated with the approach of anonymizing videos through the blurring of faces and license plates was assessed in the context of the required ethical screening activities by the European Commission for the MARVEL project […] [and] was classified as “low” […]”;

"[this] approach [...] was also expressed in the contract for the appointment of person in charge of personal data processing stipulated between the Municipality [...] and the Foundation [...] and in the analysis document attached to the same, in which it was noted in particular that “for visual data, the most vulnerable content is a person's face, for which it is not difficult to find sample images with related identifier (ID) on the Internet. Clearly, other characteristics could be exploited, such as clothing, a particular haircut, or body morphology; however, these characteristics are not sufficient to uniquely identify a person with respect to facial features. Furthermore, the removal of all visual content relating to a person would significantly deteriorate the performance of other activities of the algorithms for monitoring potentially dangerous or anomalous situations, some of which could be made unidentifiable" and that "in the event that video data involving cars similar concepts will apply, with license plates filling the role played by faces for the human figure””;

“regarding the Twitter messages and YouTube comments collected as part of the PROTECTOR project, it is clarified that they are processed to extract information relating to hateful content or expressed emotions. Once the analysis is completed, the text of the individual messages/comments is no longer used, is not integrated into the PROTECTOR platform and is therefore not visible or accessible by any user. The analysis proposed on the platform in fact presents aggregate results that can no longer be traced back to messages from individual users. As for the authors of the messages/comments, YouTube users are immediately deleted, while Twitter users are pseudonymized by replacing the real username with an automatically generated random user ID. Reiterating that it was not made accessible for operational activities but only for demonstration purposes to the members of the consortium, in the platform, according to the logic with which it was implemented, the project partners can visualize the network of interactions between users (without any type of information on the content of the messages) by displaying only the randomly generated user IDs; access to this information is only possible via authentication. Only the law enforcement agencies involved in the project (Local Police - IT, Antwerp Police - BE and Ministry of the Interior of Bulgaria - BG), have access to a version of the platform where user networks can be displayed with names actual users (without any information on the type of messages these users exchanged). […] It is also specified that the platform does not analyze a flow of messages in real time, but contains for demonstration purposes the analyzes relating to messages collected over a period of three months (November 2021 - January 2022). The analysis of the risks linked to the use of messages/comments on social networks is presented in Deliverable D4.3. (sections 2.1.1.2 and 2.1.1.4). Details on authentication are reported in Deliverables D4.4. and D4.5”;

“relating to the sharing of anonymized audio and video content within the MARVEL project, the technical activities within the competence of the Foundation […] concern the implementation and operation of a software component (RTSP server) which receives the anonymized flows and makes it available to the components that request it within the project platform. Furthermore, in relation to the data corpus, the Foundation [...] makes the anonymized audio and video data available, accompanied by metadata relating to date, time and place, through a program (Java executable) provided by the Consortium. The anonymous data is made available and accessible to the project partners for their respective activities […]. Regarding the sharing of anonymized video contents within the PROTECTOR project, they are accessible exclusively to the project partners, the European Commission and the project reviewers, through a software demonstrator, part of the PROTECTOR platform. […].

With note dated XX (prot. n. XX), the Office, on the basis of the elements acquired, the checks carried out and the facts that emerged following the preliminary investigation, notified the Municipality, pursuant to art. 166, paragraph 5, of the Code, the initiation of the procedure for the adoption of the measures referred to in the art. 58, par. 2, of the Regulation, for having processed personal data in a manner that does not comply with the principle of "lawfulness, correctness and transparency", in violation of art. 5, par. 1, letter. a) of the Regulation; in the absence of a legal basis, in violation of the articles. 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to provide interested parties with some of the information required by data protection regulations, in violation of 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), and 14 of the Regulation; communicating personal data to third parties, including those relating to crimes and particular categories (religious beliefs), in the absence of a legal basis, in violation of articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to stipulate a data protection agreement with the Foundation (data controller), in violation of art. 28 of the Regulation; failing to draw up a data protection impact assessment compliant with the requirements of data protection legislation, in violation of art. 35 of the Regulation.

With the same note, the aforementioned owner was invited to produce defensive writings or documents to the Guarantor or to request to be heard by the Authority (art. 166, paragraphs 6 and 7, of the Code, as well as art. 18, paragraph 1, of the l. 24 November 1981, n. 689).

With note dated XX (prot. n. XX), the Municipality presented a defense statement, declaring, in particular, that:

“starting from 1 November 2023, the processing of data has been limited, blocking any activity that could lead to its detection or use, with the exception of mere conservation even for defensive purposes”;

“the assessments that guided the Municipality's actions [...] were based on the fact that, in the pursuit of the public good of urban safety, there was a full realization of the principle of lawfulness. Furthermore, as regards the contents of the video and audio recordings, participation in the European Projects started from the assumption that the objectives could be achieved without any processing of personal data, therefore not even data belonging to particular categories or relating to criminal convictions and crimes";

“the video and audio recordings acquired and processed as part of these Projects are intended for the so-called "training" of the software, i.e. to make them effective in the activity of recognizing potential risk situations for the safety of cities";

“[…] the Municipality […] intended to provide a few hours of recordings of public squares in its city, on the assumption that they would be used only after adequate removal of any personal data”;

“without the guarantee that no personal data were used, the municipal administration would never have agreed to make its contribution to these projects. On these assumptions, aware of the risks in the use of video and audio recordings, the Municipality [...] made use of the work and assessments carried out by technical partners with proven competence and experience - in particular the Foundation [...]";

“the participation of the Municipality […] in the mentioned European Projects must be seen precisely in the desire to contribute to completing valuable research and, ultimately (with a view to its full use), to improve the level of safety of the municipal territory and the quality of life of its citizens";

"with reference to the "Marvel" and "Protector" Projects, the DPO of the Municipality [...] in the XX, in dealing with the issue upon express municipal request, communicated with an opinion that "With regard to the verification of the existence of the basis of lawfulness of the processing with reference to research projects, the existence of the same is confirmed with reference to article 6, paragraph 1, letter e) of the Regulation [...]";

"that being said, also taking into consideration the opinions of the DPO, the Municipality [...] deemed the lawfulness of the processing to exist [...] with particular regard to the protection of urban safety [...]";

"it is considered more than evident that the municipal body was in good faith in considering the principle of lawfulness fully implemented in relation to the "legal basis" (Recital no. 41 of the [Regulation]): the multiple national regulations [on the subject of urban security], aimed at pursuing the public good and security (in full coherence with the aims of the Project) were considered a more than adequate legal basis legitimizing the processing";

"this consideration is valid as proof of the fact that any error of law contested [...] [by the Municipality], was substantially inevitable and, therefore, "excusable", in light of a series of positive elements, extraneous to the Municipality [...] ], suitable to generate the belief of lawfulness of the conduct, the Municipality itself having done everything possible to comply with the regulations cited";

"the Municipality [...] considered, in absolute correctness and good faith, that in both cases (images and sounds) no processing was carried out (in the case of the images, further than that in progress for purposes of public safety and order public)":

“[…] the Municipality […] oriented its actions according to an assessment of “probability and severity” [of the risk of identification of the interested parties] […]”;

“for the “Marvel” and “Protector” Projects, video traces of modest quality were acquired from the use of these cameras […] For the “Marvel” Project there are a total of 14 cameras, positioned in a total of locations ( essentially corresponding to some squares in the city), with shots of the same place from different angles; for the "Protector" project, a total of 4 cameras were used, positioned in 4 squares; the resolution of the frames is 1200x1600 pixels, i.e. less than 2 megapixels [...] the video is subject to high image compression, which generates the so-called “artifacts”, i.e. an alteration of details; the cameras are located at a height between 3.5 and 40 meters from the ground; in low light conditions (evening, night and early morning) the cameras work in infrared, so in this situation they only record in black and white and with reduced contrast; since it is often a view from above and at a certain angle, people and objects are portrayed with a perspective distortion that alters their characteristics; video tracks of 1 consecutive minute (for “Marvel”) or 3 consecutive minutes (for “Protector”) were acquired from each camera, with the impossibility of acquiring the previous or subsequent minutes, so that between one track and another of the same camera spends an average of one hour; the tracks were used by the researchers only some time after recording, i.e. not live”;

"for the "Marvel" Project, a total of 309 hours of video recording were acquired (corresponding to 13 days), referring to a time span of 20 months (between February 2022 and 1 November 2023, when all activity was blocked); within the “Marvel” project, there were approximately 60 researchers who could access the data;

“for the “Protector” Project, a total of 18 hours of video recording were acquired, relating to a time span of 15 months (between February 2022 and 30 April 2023); of these, only approximately 4 hours are currently stored, as the data was no longer necessary within the Project; within the “Protector” Project, there were approximately 90 researchers who could access the data;

“it can be estimated that each person in the frames is composed of only a small group of pixels, making the graphic representation of physical characteristics extremely limited”;

"these elements, weighed together, led the Municipality [...] to believe - once the further anonymisation of people's faces and vehicle license plates had been carried out (through blurring or alteration) - that it was not actually possible to recognize personal characteristics sufficient to allow the subjects portrayed to be uniquely identified. Therefore, we were convinced that the objective circumstances and technical measures were such as to exclude substantial processing of data relating to identified or identifiable persons";

“as for the so-called “motivated intruder test”, the limited value of the information was also highlighted (since these were shots of modest quality, of short duration and taken in public squares)”;

“furthermore, even looking at the subjective element, there is no motivation or interest (neither on the part of the Data Controller and the Data Processor nor on the part of the researchers who have access to the anonymized data) in the re-identification [of the interested parties, given that] [...] for the institutional purposes of the Projects the personal data have no use";

“the audio recordings were made through microphones connected to a hardware device ([so-called “single board computer”]) installed specifically for the project purposes. The Foundation has installed the anonymization software provided as part of the "Marvel" Project on the device. By express desire and compliance with the project purposes, the microphones used had a reduced capacity to pick up sounds, as only the recording of intense noises (such as those caused by vehicle collisions, an explosion, etc.) was relevant";

“there are a total of 6 microphones, positioned in 3 places (corresponding to some of the city squares where the cameras are already installed); audio tracks of only 1 consecutive minute were acquired from each microphone, with the impossibility of acquiring the previous or subsequent minutes, so that approximately an hour passes between one track and another from the same microphone; overall, 85 hours of recording were acquired (equal to less than 4 days), relating to a time span of 8 months (between March and 1 November 2023, when all activities were blocked), all within the scope of the Project “Marvel”; the tracks were used by the researchers only some time after recording, i.e. not live; furthermore, the microphones were installed at a height between 3.5 and 7 meters from the ground; the intensity of the sounds that could be picked up was reduced by the presence of a protective box (electrical junction box) inside which each microphone was inserted (to protect it from the elements); the audio could be accessed by approximately 60 "Marvel" researchers;

“the Foundation has communicated that on the basis of these calibrations all the audio tracks are composed almost entirely of silence or indistinguishable background noises. Only in rare moments are other sounds perceptible, essentially referring to extraordinarily noisy events that occurred in a place very close to the microphone and always limited in time to approximately 1 minute (mainly the transit of a heavy vehicle, the siren of an emergency vehicle, etc. )”;

"only for the rare eventuality of recording people's voices, anonymization at the source of the segments containing speech was provided, with alteration of the characteristics of the voice so as to make the identity of the speaker no longer recognisable. This alteration activity was carried out directly at the microphone, so as to make already anonymized audio tracks available to researchers";

"all these circumstances had led the Municipality [...] to believe that, in the context of the "Marvel" Project, even for the audio recordings there had been no substantial processing of information concerning identified or identifiable persons";

“[...] again for the audio recordings - considering that the microphones had been installed in compliance with a specific contractual agreement contained in the "Marvel" Project, within which the use that would be made of them was already defined - yes it is believed that the Municipality [...] could not be attributed any special role in defining the purposes and methods of the processing";

as regards the processing of "messages or comments from users of the "Twitter" and "YouTube" web platforms" within the "Protector" project, "the Trentino municipal administration has never participated in any decision regarding this research activity, remaining even unrelated to any actual operational activity inherent thereto. In other words, no processing was ever carried out by the Municipality [...], either in its interest or to its advantage. In fact, this activity was foreseen as part of work package 3 ("WP 3") which did not attribute any concrete operational role to the municipal administration";

"the provision according to which the "usernames" of the authors of messages published on the "Twitter" platform were shared with some public authorities, had been foreseen in the interest of other institutional partners (such as the Antwerp Police and the Ministry of the Interior of Bulgaria), but was never requested or desired by the Municipality [...]. In fact, this provision has remained completely unimplemented, as there has never been access to the data by the local Trentino Police Force, nor by other Municipality staff";

"precisely because of this total extraneousness, in the documentation drawn up by the Municipality (impact assessment, information on processing, etc.) no mention was made of processing activities of data taken from the web and, in any case, of data on beliefs religious”;

"in view of what has been illustrated, the Municipality [...] has always considered that, in relation to the data collected on the web, only those who were directly involved in such operations should be considered data controllers";

“with reference to the dispute of the processing of particular categories of data and data relating to criminal convictions and crimes […] the Municipality […] relied on the usual qualification of the images as “common” personal data;

“data relating to observations of events in which the details of a crime can be integrated are not normally considered data processing pursuant to Article 10 of the [Regulation]; however, it is considered such processing if, subsequently, the course of events is separated in order to document, take subsequent measures or report the crime. In the present case, neither the Municipality [...] nor the Foundation processed judicial data, as the recordings were not used for the purpose of isolating or identifying single individuals (or groups of individuals) with the aim of proceeding with subsequent activities by the Authorities public (e.g. investigations, arrests, sanctioning measures). It is underlined, in fact, that each video and audio segment is intended for the sole purpose of "training" the software to recognize dangerous situations";

“[…] this must apply to both video recordings and audio recordings, as the same arguments can be applied”;

“with regard to data relating to religious beliefs, constituting a particular category of data pursuant to art. 9 of the Regulation, what was said above applies [...], having to affirm the Municipality's non-involvement [...] in the processing";

"the Municipality takes note of the considerations made [by] the Authority regarding the possible misunderstanding generated among citizens resulting from the fact that the purpose of the data processing reported in the information placed near the registration systems was not clear, and intends to adapt the information that will be necessary to use for future occurrences";

"the information, and in particular the second level information, was drawn up on the basis of models provided by the DPO of the Municipality [...] and in accordance with the internal municipal directives";

"in the first and second level information the legal basis and the purposes of the processing have been identified and explained in relation to the legal basis of the processing considered relevant (this in particular for the first level information in which reference is made to the protection of urban security); in this regard, it is worth recalling the Municipality's commitment [...] regarding the fact that no further processing was carried out in addition to that already underway (detection of images for purposes of public safety and public order) and, in any case, that no data belonging to particular categories were involved (art. 9 of the [Regulation]) or relating to criminal convictions and crimes (art. 10 of the [Regulation])”;

"the failure to indicate in the information that the equipment was also capable of picking up people's conversations is also justifiable by the fact that, due to the intrinsic characteristics of the recording system (as described above) the actual possibility of hearing relevant semantic contents was to be considered an almost null eventuality";

"as regards the absence of a specific illustration of the processing of personal data concerning the publication of messages on the "Twitter" platform or comments on the "YouTube" platform within the "Protector" Project, reference is made to what is indicated above [in relation to the role played by the Municipality]”;

“the information was set up and carried out in full good faith, giving information and reassurances to citizens, in line with the above, on the assumption that the data was anonymised, also thanks to the expertise and experience of FBK; from this derives the second level information without reference to the communication of data to third parties";

"in addition to the first and second level information, which was drawn up on the basis of the project agreements (Grant Agreement) and according to the models shared with the DPO, forms of public disclosure of the Projects were promoted including press releases, press releases institutional website of the Municipality, dissemination of information regarding the Projects also via the social networks of the Municipality and the Mayor (including the press conference of 8 May 2023) and presentation videos of the Projects were disseminated on YouTube";

"with reference to the information pursuant to art. 13 of the GDPR [...] the Municipality relied on the opinion of the DPO";

“the drafting of the impact assessment was also started, the drafting of which was completed already on 19 January 2022 (when it was shared for the first time with the DPO, as shown by the exchange of emails [in documents]). The impact assessment was subsequently inserted into the IT application containing the register of processing activities [...] in March 2023, only after having obtained the final opinion of the DPO on the assessment itself ([in documents]). Therefore, it is believed to have documented the fact that the Municipality had carried out the impact assessment before the start of the treatments (February 2022 for the video part, March 2023 for the audio part) and that the assessment itself is attributable to the Body";

“[…] the Data Protection Officer was duly involved. The DPO, after long and careful discussions with the Municipality, had expressed a positive opinion [...]";

“the act of appointment [of the Foundation as data controller] was formalized with a union decree, digitally signed by the Mayor […] on 3 February 2022 […]. The decree was then transmitted to FBK, which returned a copy countersigned on 7 February 2022 by its legal representative for acceptance of the appointment [...]. Due to a mere clerical error, the copy of the document already sent [to the] Authority did not contain the original protocol date, but nevertheless retained the correct dates of affixing the two digital signatures";

“it is specified that the nomination contained an annex […], entitled “Compliance with the ethical requirements established for the participation of people in European projects - MARVEL (Grant Agreement n° 957337) and PROTECTOR (Grant Agreement n° 101034216)”, which , together with the same nomination countersigned for acceptance, constitutes a joint agreement, governing the rules to be followed for data processing, in particular for the anonymization phase. In fact, it is reiterated that this annex was drawn up jointly with the Foundation, which, in particular, also contributed by indicating the specific anonymisation techniques that it deemed appropriate to apply";

“on 1 November 2023, the Municipality [...] immediately contacted the Project Partners in order to make them aware of the observations made [by] the Authority. On this occasion, it was requested that all activities of the "Marvel" Project (the only one currently being tested) involving the acquisition and processing of the recordings in question be immediately suspended;

“this request for suspension was promptly found positively, with the consequent blocking of any data processing activity deriving from the recordings acquired in the public squares of the city of Trento, except for the mere conservation of the data also for defensive purposes”;

"it is confirmed that, as part of the "Protector" project, data has no longer been collected since the beginning of May 2023 and that, in any case also for this Project, all processing activities have been blocked".

During the hearing, requested pursuant to art. 166, paragraph 6, of the Code and held on date XX (see prot. minutes no. XX of the same date), the Municipality declared, in particular, that:

“the Municipality, in the context of the two projects, was one of the partners and not a leader; each partner was in fact called to make their own contribution, each within their own area of competence";

“the Municipality was confident in the fact that the treatments implemented in the two European research projects could be traced back to the legal framework on urban safety and to the specific competences that the same attributes to the Mayor”;

"in this context, the Municipality was interested in equipping itself with technologies aimed at identifying ex ante any risks to urban safety and, to this end, relied on the Foundation, a highly qualified entity, for the purposes of identifying the best technologies to be used in the context of the two European projects and the measures to be implemented in order to guarantee compliance with the right to data protection of the interested parties";

“the two projects, as they were aimed at strengthening urban safety in the municipal area, were instrumental in achieving the public good”;

"the Municipality, also with regard to the anonymization techniques to be used within the two projects, had relied on the Foundation, as a technological partner that could offer the highest guarantees by virtue of its specialist knowledge, without this having entailed a deresponsibility of the Municipality, which spoke with the Foundation in order to identify the most appropriate measures";

"as regards the transparency of processing, we have tried to implement all initiatives to ensure full awareness on the part of citizens";

"with regard to the impact assessment, there is no model predefined by law to carry it out, the Municipality having believed in good faith that the methodology used was suitable".

With subsequent notes from the Municipality (prot. n. XX) and from the RPD of the same, sent on XX date to integrate what was declared at the hearing, the defenses put forward by the Institution and already illustrated above were substantially reiterated.

3. Outcome of the preliminary investigation.

3.1 Processing of personal data carried out within the “Marvel” and “Protector” projects.

From the statements made by the Municipality during the investigation, as well as from the overall documentation in the documents, it emerged that the Municipality, acting as data controller, with the support of the Foundation, as data controller, participated in two research projects , called "Marvel" and "Protector", financed with European funds, with the aim of developing technological solutions aimed at improving safety in urban areas, according to the so-called paradigm. “smart cities”.

In particular and in summary:

the “Marvel” project (“Multimodal Extreme Scale Data Analytics for Smart Cities Environments”), which should have ended on 31 December 2023, involves the acquisition of footage extracted from video surveillance cameras already installed in the municipal area for urban security purposes (see articles 4 and 5, co. 2, letter a), of the legislative decree 20 February 2017, n. 14; see art. 7, paragraphs 7 and 8, of the legislative decree. 23 February 2009, n. 11), as well as the audio obtained from microphones specifically placed on the public road for the purposes of the project. Such data, which in the opinion of the Municipality would be immediately anonymized after collection, are analyzed in order to automatically detect, using artificial intelligence techniques, events relevant to the protection of public safety (e.g. gatherings, assaults, muggings, fights , etc.). As part of this project, the Municipality used a total of 14 cameras; Video tracks of 1 consecutive minute were acquired from each camera with an average interval of 1 hour between one track and the next. A total of 309 hours of video recording were acquired (corresponding to 13 days), relating to a time span of 20 months (between February 2022 and 1 November 2023). As for audio acquisition, a total of 6 microphones have been installed, positioned in 3 places in the cities where cameras are already installed. Audio tracks of just 1 consecutive minute were acquired from each microphone, with intervals of approximately one hour between one track and another. Overall, 85 hours of recording were acquired, relating to a time span of 8 months (between March and 1 November 2023);

the “Protector” project (“PROTECTing places of wORship”), which ended on 30 April 2023, involved, in addition to the acquisition of footage from video surveillance cameras (without audio signal), also the collection and analysis, through aforementioned artificial intelligence techniques, of hate messages published on the "Twitter" platform (now called "X") and comments published on the "YouTube" platform, in order to detect any negative emotions (aggression, anger or other negative emotions on the topic of religion), processing, through the aforementioned artificial intelligence techniques, information deemed of interest to the police, in order to identify risks and threats to the safety of places of worship. As part of this project, the Municipality used a total of 4 cameras, positioned in 4 squares; Video tracks of 3 consecutive minutes were acquired from each camera with an average interval of 1 hour between one track and the next. A total of 18 hours of video recording were acquired, relating to a time span of 15 months (between February 2022 and 30 April 2023); of these currently only about 4 hours are preserved.

Given that the urban security cameras and microphones placed on public streets have been used with the specific objective of identifying and analyzing facts relevant to the protection of public safety, which can therefore constitute crimes, and considering that users who post messages /hateful comments on the Twitter ("X") and YouTube platforms, analyzed in order to detect threats to the safety of places of worship, can commit specific crimes (see, for example, art. 604-bis of the criminal code in matter of propaganda and incitement to crime for reasons of racial, ethnic and religious discrimination), the Municipality, as part of the two projects, has implemented the processing of personal data relating to crimes (see art. 10 of the Regulation and 2- octies of the Code).

However, the Municipality's defense argument cannot be accepted, according to which the video surveillance images cannot in themselves be considered personal data relating to crimes, unless the same, once acquired, are subsequently actually used to ascertain a type of crime. As highlighted above, the video surveillance images were, in fact, acquired by cameras already installed in the municipal territory for the protection of urban security, or for the specific purpose of "preventing and combating the phenomena of widespread and predatory crime" (art. 5 , paragraph 2, letter a), of the legislative decree 20 February 2017, n. 14). In this regard, even in relation to the particular categories of personal data of the art. 9 of the Regulation, the European Data Protection Committee clarified that "video surveillance is not always considered a processing of particular categories of personal data [...];] however, if the video footage is processed to obtain particular categories of data , Article 9 applies” (“Guidelines 07/2020 on the concepts of controller and processor under the GDPR”, adopted on 7 July 2021, points 62 and 63). Likewise, the video surveillance cameras in question were installed by the Municipality for the main purpose of identifying and documenting cases of crime connected to the phenomena of widespread and predatory crime, and also as part of the "Marvel" and "Protector" projects the images were used for the specific purpose of training artificial intelligence algorithms to recognize potential risk situations for public safety.

Furthermore, given that the aforementioned messages/comments acquired from social networks concern the religious sphere and may reveal the religious beliefs of the relative authors or third parties mentioned in said messages, the Municipality has also implemented the processing of personal data belonging to categories particulars (see art. 9 of the Regulation and 2-sexies of the Code).

As regards the "Precrisis" project, however, it is noted that the Municipality has declared that no processing of personal data is currently being carried out, "as it is still in the planning and context analysis phase".

3.2 The role of the Municipality and the Foundation for the purposes of data protection legislation.

In the context of the aforementioned projects, the Municipality claimed to act as data controller, while the Foundation would have played the role of data controller, having been designated as such by the Municipality.

In this regard, it is noted that, although the Foundation is also among the partners of the projects in question, in the agreements stipulated for the use of community funds (so-called "grant agreements") the Municipality is identified as the leading and coordinating entity for the purposes of managing of experiments in its territory, while the Foundation is considered a support partner, able to offer skills and technologies that the Municipality does not have (see the "Grant Agreement" of the "Marvel" project, attached to the Municipality's note of 18 October u.s., cit., where it is stated that "the Municipality [...] will be the leader of the Trento use case, focused on the monitoring of public urban areas. It will conduct the pilot activities by guiding the WP6 [Real-life social experiments in environment of smart cities]” (page 98), while “FBK will offer its current solutions and research into new techniques in the field of Smart Cities […] [and] will contribute […] significantly to WP6 [Social experiments of real life in the smart cities environment] by participating […] in […] experimentation activities” (p. 86); regarding the “Protector” project, see the relevant "Grant Agreement", attached to the same note, which states that "[the Foundation] will define the criteria for the pilot tests and develop an evaluation matrix [...] The first pilot test will be conducted in Trento, Italy and will be coordinated [ by the Municipality]” (page 18)).

On the other hand, the Municipality itself declared during the investigation that "the Foundation [...] is the partner that provides part of the hardware infrastructure for data processing and audio/video anonymization technologies", which "on indication of the Municipality [...] - provides two workstations in its laboratories", which "deals with the acquisition of audio and video data", which is "responsible for the development of the software platform called PROTECTOR Platform", therefore being "partner technology of the Municipality [...] in the development of the three research projects [...] identified as the only entity external to the Municipality [...] responsible for carrying out, through the management of the audio and video flows produced by the microphones and cameras, the processing of personal data aimed at the development of artificial intelligence algorithms" (note of the XX).

It is also noted that, as declared by the Municipality and as illustrated above, the video footage in question is obtained from video surveillance cameras which are already installed in the municipal territory for the pursuit of urban security purposes, with respect to which the Municipality, and not also the Foundation, acts as data controller. Also in relation to the microphones used to capture the audio signal as part of the "Marvel" project, it is noted that only the Municipality, and not the Foundation, could take the decision to install such devices on public roads, as a local authority with administrative powers over its territory.

Therefore, the Municipality exercised a "decisive influence on the [essential] purposes and means of the processing" ("Guidelines 07/2020 on the concepts of data controller and data processor pursuant to the GDPR", cit., point 30), having, therefore, acted as "data controller" (art. 4, par. 1, no. 7, of the Regulation).

However, it is not relevant, except for the purposes of evaluating the subjective element, that the Municipality believed in good faith - also on the basis of the technical advice that was provided to it in this regard by the Foundation - that participation in the two projects would not have entailed a processing of personal data, a defense which, moreover, conflicts with the circumstance that the Municipality has qualified itself as data controller from the beginning, has designated the Foundation as data controller and also in its defense briefs has supported the existence of a basis legal basis suitable to justify the processing of personal data carried out in the context of the two projects.

As regards the processing of personal data contained in the messages or comments of users of the "Twitter" ("X") and "YouTube" platforms as part of the "Protector" project, it is noted that the Municipality has denied its ownership of such processing only in the defense briefs - presented after notification of the violation referred to in the art. 166, paragraph 5, of the Code - having, however, during the investigation supported its full participation in the "Protector" project, so much so that - in response to requests for information from this Authority - it illustrated the specific processing of personal data put in place within the scope of the same.

In any case, the Municipality's defense cannot be accepted, as it is not conclusive that the Institution has not directly implemented specific processing activities in this area. In fact, by deciding to participate in the "Protector" project, making its territory and infrastructure available for the purposes of the same and benefiting from the overall results of the research, the Municipality has decided the purposes and means of the processing also with regard to the information obtained from the aforementioned social networks. On the other hand, the Municipality was fully aware of the processing in question (see the page of the Municipality's institutional website dedicated to the Protector project, which states that "in PROTECTOR a set of advanced technological components capable of analyzing sources heterogeneous data (surveillance cameras, websites, social networks, etc.) and will combine them through the support of ICT tools based on artificial intelligence techniques to provide "alerts" in the event of an increase in risk relating to the security of places of worship ” - https://www.comune.trento.it/Aree-tematiche/Smart-city/Progetti-d-associazione-conclusi/Protector) and the local police of the municipality had been identified from the beginning as the experimental subject together with the Antwerp Police and the Bulgarian Ministry of the Interior, each for their respective national context and for their own territorial area of reference.

Furthermore, the Municipality's statement according to which "this activity was foreseen as part of work package 3 ("WP 3") which did not attribute any concrete operational role to the Municipal Administration" (see defensive memory). From the c.d. "Grant Agreement" relating to the "Protector" project, in the documents, it emerges, in fact, that among the subjects involved in this work package are included "FBK" (i.e. the Foundation) and "TN" (i.e. the Municipality) (p. 68; see also page 101).

More generally, the "Grant Agreement" mentions "TN" (i.e. the Municipality) among the subjects responsible for the "management and coordination of all activities relating to the "Protector" project", required to provide "supervision over all project activities and the results." Furthermore, the Municipality is responsible for the execution of the project on its territory and for the coordination of the first "pilot test" relating to the "Protector" project (page 33; see also page 106).

For the same reasons, it does not note that "the provision according to which the "user names" of the authors of messages published on the "Twitter" platform were shared with some public authorities had been foreseen in the interest of other institutional partners (such as the Police of Antwerp and the Ministry of the Interior of Bulgaria), but was never requested or desired by the Municipality" (see defense brief), having the Municipality consciously participated in the project in the terms set out in the "Grant Agreement" and having, therefore, also accepted - beyond its own internal desires - the scope of data sharing envisaged therein (see the note of the XX, in which the Municipality declares that "only the law enforcement agencies involved in the project (Local Police - IT, Antwerp Police - BE and Ministry of the Interior of Bulgaria - BG), have access to a version of the platform where user networks can be viewed with actual user names (without any information on the type of messages these users have sent exchanged)”.

Furthermore, the fact that the local police of the Municipality never actually accessed such data is not conclusive, given that ownership of the processing does not necessarily presuppose the availability of the data or the completion of material processing operations. The Court of Justice of the European Union has, in fact, on several occasions clarified that any natural or legal person who influences, for its own purposes, the processing of such data and therefore participates in determining the purposes and means of such processing can be considered the owner of said processing, as it is not necessary that the purposes and means of the processing are determined through written guidelines or instructions from the data controller, nor that the latter has been formally designated as such, nor that he has physically carried out operations of treatment (see, most recently, sentence C-683/21, Nacionalinis visuomenės sveikatos centras, of 5 December 2023; see also C-807/21, Deutsche Wohnen, of 5 December 2023; C-40/17, Fashion ID GmbH & Co.KG v Verbraucherzentrale NRW eV, of 29 July 2019; C-25/17, Jehovan todistajat, of 10 July 2018; C-210/16, Wirtschaftsakademie Schleswig-Holstein, of 5 June 2018; see also the “Guidelines 07/2020 on the concepts of data controller and data processor pursuant to the GDPR”, cit., spec. par. 56).

On the other hand, the responsibility of the data controller "extends, as underlined by recital 74 of the [Regulation], to any processing of personal data carried out directly or that others have carried out on their behalf" (C-807/21, cit ., point 38). Since, a data controller is responsible not only for the processing of personal data that he carries out directly, but also for those carried out on his behalf, “such data controller may be subject to a pecuniary administrative sanction pursuant to Article 83 of the GDPR in a situation in which personal data are the subject of unlawful processing and it is not such a data controller, but rather a data controller, of which it has made use, who has carried out such processing on behalf of the owner", where it can be "reasonably believed that this owner has [...] consented to the processing" (sentence C-683/21, cit., points 84 and 85).

As for the Foundation, which assumed a servient position with respect to the achievement of the objectives of the two projects, providing its contribution limited to the scientific, technological and organizational profiles, it is believed that it has, instead, acted as "data controller" (art. 4, par. 1, n. 8, of the Regulation). Furthermore, it was considered as such by the Municipality itself, which for this purpose prepared a specific agreement on data protection, pursuant to art. 28 of the Regulation.

3.3 The anonymization techniques used.

Preliminarily, it is noted that it is not controversial that the Municipality, in the context of the two research projects, has implemented the processing of personal data in the phase of collecting information deemed of interest (video surveillance footage; audio coming from the microphones; messages/comments/profiles obtained from social networks).

The Municipality, in fact, claimed during the investigation that it had used - following the collection of this data - anonymisation techniques aimed at mitigating the impact of the two projects on the fundamental rights and freedoms of the interested parties.

On the other hand, as recently reiterated by the Guarantor, even the acquisition and temporary storage of personal data, such as the image of the face taken by video devices, even if for a reduced fraction of time, constitutes processing of personal data (see . provisions of 13 April 2023, nos. 122 and 123, web document nos. 9896808 and 9896412, relating to the processing, carried out by public entities, in the absence of a suitable legal basis, of personal data contained in videos obtained using devices video, as part of a project that involved the use of face detection algorithms based on convolutional neural networks; see also, in a compliant sense, the previous provision dated 21 December 2017, no. 551, web doc. no. 7496252).

Furthermore, on the assumption that the data - after having been subjected to these anonymisation techniques - could be considered removed from the scope of application of the legislation on data protection (see paragraph 26 of the Regulation), the Municipality shared the same with third parties participating in various capacities in the projects (see the following paragraph 3.6).

Having said this, it is noted that, contrary to what is claimed by the Municipality, the techniques it uses, following the collection of the data, cannot be considered suitable for achieving effective anonymisation of the same.

In particular, as part of the Marvel project, on the assumption that the microphones installed on public streets can also pick up conversations, the Municipality stated that "the anonymisation of audio data consists in replacing the speaker's voice, keeping the characteristics of the audio signal, including the semantic content of speech”.

In this regard, it is noted that the sole replacement of the voice of the speaking subject is in no way suitable for anonymizing the personal data related to a conversation, given that from the content of the same it is possible to obtain information relating both to the speaking subject and to third parties and that this information can make the speaker, his interlocutors or the third parties referred to in the speech identifiable.

In addition to this, it must be noted that, taking into account the wide variety of topics that are usually addressed in conversations, processing of personal data relating to crimes or particular categories or in any case concerning vulnerable subjects (minors, workers, fragile, etc.).

The fact that the Municipality was aware of this risk also emerges from the fact that the Data Protection Officer, consulted by the Municipality with reference to the projects in question, had highlighted, albeit providing an overall positive opinion, that " the use of audio microphones that record the voices and conversations of citizens in a way that allows their identification undoubtedly constitutes a particularly invasive way of using the video surveillance system" (see XX report), which "the impact on citizens with respect to the recording of voices and conversations will in any case be "perceived" in a significant way" (ibidem) and that "the "audio" collection of personal data represents a particularly "critical" element with respect to the invasiveness of confidentiality of citizens" (see XX report).

Coming to the defense theses put forward by the Municipality, it must be noted that only in its briefs - presented after notification of the violation pursuant to art. 166, paragraph 5, of the Code, and not even during the investigation, despite the timely requests for information made by the Authority's Office - the Municipality alluded to a limited capacity of the microphones in question to pick up conversations, in region of specific technical characteristics of the devices (relevance of only intense noises; placement of the microphones in a "protective box" which reduced the "intensity of the sounds that can be picked up") and of the measures adopted (installation of the microphones at a height "between 3 .5 and 7 meters high"), so much so that the Foundation has "communicated that on the basis of these calibrations all the audio tracks are composed almost entirely of silence or indistinguishable background noises". In this regard, it must be noted that the Municipality has not produced documentation capable of proving this circumstance. The alleged inadequacy of the microphones to pick up conversations in an understandable manner is not, on the other hand, consistent with the very purpose of the project, in relation to which the Municipality benefited from funding. The "Marvel" project specifically envisaged the collection of audio from conversations taking place in public streets. So much so that in the document “Compliance with the ethical requirements established for the participation of people in European projects - MARVEL (Grant Agreement n° 957337) and PROTECTOR (Grant Agreement n° 101034216)”, attached to the data protection agreement with the Foundation ( in documents), the organization had taken care to specify that "the conversations contained in the audio data cannot in any way be subject to analysis, guaranteeing the privacy of citizens". In fact, the documentation relating to the project explained that "this approach [i.e. the replacement of the speaker's voice, keeping the characteristics of the audio signal as unchanged as possible, including the semantic content of the speech], compared to a complete elimination of the conversations from the audio signal , responds to the objective explicitly set out in the Grant Agreement […] (description of Task 3.1 of Work Package 3, pages 20-21 of Annex 1 (part A) of the Grant Agreement) of developing minimally intrusive anonymization techniques that preserve the acoustic context and allow effective processing of signals without loss of information” (note of the XX; see also the document “D2.1 Collection and analysis of experimental data”, pages 57-58, in https://www.marvel -project.eu/deliverables/, which states that “audio anonymization aims to remove any information about the speaker's identity from an audio stream [...] However, speech conversion does not remove the spoken content of the utterance, which may potentially contain identifying information (e.g. names/addresses/etc.) and as such may not be the appropriate technique”; v. also the document “D3.3 E2F2C Privacy preservation mechanisms”, pages. 26-27, in https://www.marvel-project.eu/deliverables/, where it is stated that “the final objective of audio anonymization [is to preserve] the content of speech [and to remove] the identity of the speaker)".

As regards the video files used as part of the "Marvel" and "Protector" projects, the Municipality stated that the anonymization technique used consists solely in blurring the faces of the people and the license plates of the vehicles filmed. Even in this case, this technique cannot be considered suitable to ensure the effective anonymization of the data, given that the interested parties are still potentially identifiable through other physical characteristics or context elements (such as, for example, body size, clothing, position in the filmed scene , particular physical characteristics, etc.) or information held by third parties (such as, for example, press reports relating to current events, information provided by people present in the filmed scene, etc.) or information that can be inferred, for example, from the location of the camera (areas overlooking certain businesses, doctors' offices or schools) or, finally, information relating to the route taken by a specific person identified in the video images through the aforementioned physical characteristics and contextual elements, given the possibility of following his movements between the different cameras installed.

As with audio recordings, only in the defense briefs - presented after notification of the violation pursuant to art. 166, paragraph 5, of the Code, and not even during the investigation, despite the timely requests for information addressed by the Authority's Office - the Municipality alluded to the circumstance that - in consideration of the technical characteristics of the devices used (" resolution […] of 1200x1600 pixels”; “high image compression, which generates […] an alteration of details”; infrared mode in low light conditions, resulting in “black and white and reduced contrast” operation) and of the measures adopted (cameras at "a height between 3.5 and 40 meters from the ground"; viewing angle "from above", with consequent "perspective distortion") - it was not "practically possible to recognize sufficient personal characteristics to allow the subjects portrayed to be uniquely identified". Also in this regard, it must be noted that the Municipality has not produced documentation capable of proving this circumstance. The alleged insufficient quality of the video footage is not, on the other hand, consistent with the very purpose of the project, in relation to which the Municipality benefited from funding. The Entity's defense is further inconsistent, given that the video devices used in the two projects coincide with the cameras already installed by the Municipality for urban security purposes, i.e. for the "prevention and contrast of widespread and predatory crime phenomena ” (art. 5, paragraph 2, letter a), of the legislative decree. 20 February 2017, n. 14), therefore having to exclude that the video surveillance footage was not suitable - in terms of quality and level of detail - to allow identification of the interested parties, also on the basis of contextual elements. On the other hand, obtaining images with low resolution, such as not to allow the observer to distinguish specific elements of the scenes filmed, would certainly have compromised the very aims of the project and the possibility of training the artificial intelligence algorithms to recognize situations of potential risk for public safety (see, in this regard, the declarations of the Municipality, made in the note of the XX, regarding the technical characteristics of the platform relating to the "Protector" project, i.e. that it has a "component of automatic object detection", of an "object movement tracking component", of an "anomaly detection component", functions that the Municipality would not have been able to exploit in any way within the project in the face of a signal video of such degraded quality that it prevents not only the identification of people but also the understanding of the contextual elements of the scene being filmed).

Having clarified this, it must be noted that the inadequacy of the aforementioned techniques to guarantee full anonymisation of the data was well known to the Municipality, taking into account that, as stated during the investigation, in the documentation drawn up for the purposes of ethical and data protection assessments within the two projects the risk of identification of the interested parties was highlighted, although erroneously classified as "low". Furthermore, as regards the videos, in the act of designation of the Foundation as data controller, drawn up by the Municipality, it is stated that, for the purposes of identifying the interested parties, whose faces are subjected to blurring, "clearly, other characteristics, such as clothing, a particular haircut, or body morphology", although these characteristics were erroneously not deemed "sufficient to uniquely identify a person with respect to facial features".

In this regard, it must be noted that by "identification", "we do not mean only the possibility of recovering the name and/or address of a person, but also the potential identifiability through identification, correlation and deduction" (Working Group Art. 29, "Opinion 05/2014 on anonymisation techniques", WP216; see also provisions dated 18 July 2023, no. 311, web doc. no. 9920562; 2 March 2023, no. 65, web doc. no. 9874480; 25 February 2021, no. 68, web doc. no. 9567429; 2 July 2020, no. 118 and 119, web doc. no. 9440042 and no. 9440025).

Furthermore, in the case of conversations, the interested parties can be directly identified when explicit reference is made to a specific person in the conversation, for example by mentioning their name and surname.

With reference to the processing, within the "Protector" project, of messages published on the "Twitter" platform (now called "X") and comments published on the "YouTube" platform, in order to extract information relating to hate content or to the emotions expressed, the Municipality stated that the content of such messages, once analyzed, was deleted.

The data relating to the users of "YouTube" (usernames), authors of the aforementioned comments, were also immediately deleted, while the data relating to the users of "Twitter" ("X") (usernames) were only pseudonymised, being Each real username has been replaced with a randomly and automatically generated “ID”. Therefore, with reference to the networks of users on "Twitter" ("X"), involved in the publication of hate messages, the Municipality carried out a mere pseudonymisation and not anonymisation.

In this regard, it must be highlighted that the regulations on the protection of personal data also apply with regard to data subject to pseudonymisation, meaning by this "the processing of personal data in such a way that the personal data can no longer be attributed to a specific interested party without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures intended to ensure that such personal data is not attributed to an identified or identifiable natural person" (cons. 26 and art. 4 point 5 of the Regulation). This means that the use of "additional information" can lead to the identification of individuals, which is why pseudonymised personal data should still be considered personal data. In other words, pseudonymisation, as a technique aimed at data protection, is not equivalent to anonymisation (see paragraph 26 of the Regulation and art. 32, par. 1, letter a), of the Regulation, where mentions "pseudonymisation" among the possible technical measures aimed at guaranteeing a level of security appropriate to the risk; see provision 27 January 2021, n. 34, doc. web no. 9549165). Therefore, as recently reiterated by the Court of Justice of the European Union, "it follows from Article 4, point 5, of the [Regulation], in conjunction with recital 26 of that regulation, that personal data which have only been the subject of pseudonymisation and which could be attributed to a natural person through the use of additional information must be considered information about an identifiable natural person, to which the principles relating to data protection apply" (sentence C-683/21, Nacionalinis visuomenės sveikatos centras, 5 December 2023).

Anonymous data, however, is anonymous only if it does not allow in any way the direct or indirect identification of a person, taking into account all the means (economic, information, technological resources, skills, time) available to the person (owner or other person) try to use these tools to identify an interested party.

Furthermore, the police forces involved in the project (Local Police of the Municipality of Trento; Antwerp Police; Ministry of the Interior of Bulgaria) had access to a version of the platform in which the networks of users on Twitter ("X") could be displayed with the usernames shown in plain text, albeit without any information on the type of messages that these users have exchanged (see next paragraph 3.6).

In light of all the preceding considerations, it must be concluded that - differently from what was proposed by the Municipality and despite the measures adopted by it, through the Foundation, in order to reduce the risk of identification of the interested parties - the video recordings, the files audio files containing conversations and information relating to user networks on the "Twitter" platform ("X"), subjected to pseudonymisation, must be considered information relating to identifiable natural persons, who, consequently, constitute "personal data" (art. 4, par. 1, n. 1), of the Regulation), the processing of which, for the entire life cycle of the data in the context of the two projects, should have respected the data protection principles (articles 5 and 25 of the Regulation ) and be based on a suitable legal basis that could justify the same (articles 6, 9 and 10 of the Regulation; articles 2-ter, 2-sexies and 2-opties of the Code).

3.4 The lawfulness and correctness of the processing.

The processing of personal data must take place in compliance with the provisions of the Regulation and the Code.

“Personal data” means “any information relating to an identified or identifiable natural person (“data subject”)”. Furthermore, “an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more elements characteristic of his physical, physiological, genetic, psychological, economic, cultural or social identity” (art. 4, par. 1, n. 1 of the Regulation).

The processing of data belonging to particular categories, including data relating to religious beliefs (see art. 9, par. 1, of the Regulation), is generally prohibited, without prejudice to the exceptions expressly provided for by the art. 9, par. 2, of the Regulation.

In this framework, public entities, in compliance with the principle of "lawfulness, correctness and transparency" (art. 5, par. 1, letter a), of the Regulation), can process personal data, also relating to particular categories of data (see art. 9, par. 1, of the Regulation), if the processing is necessary to fulfill a legal obligation to which the data controller is subject or for the execution of a task of public interest or connected to the exercise of public powers vested in the data controller (art. 6, par. 1, letters c) and e), as well as art. 9, par. 2, letter. g), of the Regulation and 2-ter and 2-sexies of the Code).

With specific regard to the processing of data relating to criminal convictions and crimes or related security measures, it is highlighted that this can only take place under the control of the public authority or if the processing is authorized by the law of the Union or of the Member States which provides appropriate guarantees for the rights and freedoms of the interested parties (art. 10 of the Regulation), or only if the processing is authorized by a law or, in the cases provided for by law, a regulation (art. 2-octies, paragraphs 1 and 5, of the Code).

In relation to the processing of personal data carried out for the pursuit of scientific research purposes, art. 89 of the Regulation, pursuant to which "processing for archiving purposes in the public interest, scientific or historical research or statistical purposes is subject to adequate guarantees for the rights and freedoms of the interested party, in accordance with this regulation. These guarantees ensure that technical and organizational measures have been put in place, in particular in order to guarantee compliance with the principle of data minimization", according to which personal data must be "adequate, relevant and limited to what is necessary with respect to the purposes for which are processed" (art. 5, par. 1, letter c), of the Regulation).

With regards to scientific research activities which have as their object the particular categories of data referred to in art. 9 of the Regulation, par. 2, letter. j), of the same article admits that such data may be processed for scientific research purposes on the basis of Union or national law, which is proportionate to the purpose pursued, respects the essence of the right to data protection and provides for appropriate and specific to protect the fundamental rights and interests of the interested party, in compliance with the aforementioned art. 89, par. 1, of the Regulation.

The processing of personal data for scientific research purposes must, in any case, be carried out in compliance with the provisions of the Code (104 et seq.), the Provisions relating to the processing of personal data carried out for scientific research purposes (annex 5 to provision of 5 June 2019, no. 146, web doc. no. 9124510), as well as the ethical rules for processing for statistical or scientific research purposes (annex A5 to the Code), which constitute an essential condition for the lawfulness and correctness of the processing carried out for this purpose (see articles 2-quater and 106 of the Code and 21, paragraph 5, of Legislative Decree no. 101 of 10 August 2018).

Having thus briefly reconstructed the relevant legal framework regarding data protection, it is highlighted that the Municipality claimed during the investigation to have used the aforementioned anonymisation techniques in order to mitigate the impact of the two projects on fundamental rights and freedoms of the interested parties, as it is therefore not in dispute that the Municipality collected and processed personal data as part of the two projects.

With regard to the conditions of lawfulness of the processing of personal data in the context of the "Marvel" and "Protector" projects, the Municipality stated that "the legal basis of the processing is identified in the legal and statutory provisions (art. 2 regional law n. 2/2018, articles 3 and 7 Statute of the Municipality [...]) which include among the administrative functions of local interest attributed to the municipalities the cultural, social and economic development of the population, to which the development of the "Trento" program can certainly be traced back Smart city” (as a strategic project of the Municipality), which includes the [aforesaid three] projects […]”.

The aforementioned provisions, which attribute to the Municipality a completely generic and merely programmatic competence for the purposes of promoting the cultural, social and economic development of the population, cannot be considered suitable to satisfy the quality requirements of the legal basis for the purposes of the articles. 5, par. 1, letter. a), 6, par. 1, letter. e), and par. 2 and 3, and 9, par. 2, letter. g), of the Regulation (see also cons. 41), as well as 2-ter, 2-sexies and 2-octies of the Code.

As, in fact, stated by the Court of Justice of the European Union, pursuant to art. 52, par. 1, first sentence, of the Charter of Fundamental Rights of the European Union ("CDFEU"), any limitations on the exercise of the rights and freedoms recognized by the latter, which include, in particular, the right to respect for private life, guaranteed from the art. 7 of the Charter, and the right to protection of personal data, enshrined in art. 8 of the Charter, must be provided for by law, which implies, in particular, that the legal basis which allows the interference with such rights must itself define the scope of the limitation of the exercise of the right in question. In particular, "to satisfy the proportionality requirement, which finds expression in Article 5, paragraph 1, letter c) of the regulation [...] the legislation on which the processing is based must provide clear and precise rules governing the scope and the application of the [envisaged] measure and impose minimum requirements so that the persons whose personal data are affected have sufficient guarantees to effectively protect [the] data against the risk of abuse. Such legislation must be legally binding within the national legal system and, in particular, indicate in which circumstances and under what conditions a measure involving the processing of such data can be adopted, thus ensuring that the interference is limited to what is strictly necessary. ” (sent. C-175/20, Valsts ieņēmumu dienests, 24 February 2022, par. 83).

In this regard, the Court also stated that the legislation containing a measure which allows such an interference must provide clear and precise rules governing the scope and application of the measure in question and establishing minimum requirements, so that the persons whose personal data have been processed have sufficient guarantees to effectively protect such data against the risks of abuse (see C-175/20, cit., para. 55; see art. 6, par. 3, of the Regulation, as well as paragraph 45 of the same; with regard to cases addressed by the Guarantor in the public sector in relation to the issue of the legal basis and the conditions of lawfulness for the processing of personal data using artificial intelligence systems or, more generally, of new technologies based on algorithmic logic, see, among others, provisions of 13 April 2023, nos. 122 and 123, web doc. nos. 9896808 and 9896412; 30 July 2022, no. 276, web doc. no. 9808839; 24 February 2022, no. 78, web doc. no. 9751895; 22 December 2021, n. 453, doc. web no. 9738520; 16 September 2021, n. 317, doc. web no. 9703988).

Furthermore, any limitations to the fundamental rights to respect for private life and protection of personal data (and Articles 7 and 8 of the CDFEU) "may [...] be made, [as well as] provided that, in accordance with Article 52, paragraph 1 of the Charter, they are provided for by law" and "respect the essential content of fundamental rights as well as the principle of proportionality. By virtue of this principle, limitations may be made only where they are necessary and effectively respond to objectives of general interest recognized by the Union or to the need to protect the rights and freedoms of others. They must operate within the limits of what is strictly necessary and the legislation entailing the interference must provide clear and precise rules governing the scope and application of the measure in question” (C-184/20, Vyriausioji tarnybinės etikos komisija, 1 August 2022, par. 64).

Similarly, the European Court of Human Rights has reiterated on several occasions that “an interference [with the right to respect for private and family life] may be justified under Article 8, paragraph 2 [of the European Convention on Human Rights] man – “ECHR”], only if it complies with the law, if it pursues one or more of the legitimate objectives referred to in paragraph 2 of Article 8 and if it is necessary in a democratic society to achieve those objectives” (“ Glukhin v. Russia”, “application no. 11519/20”, 4 July 2023, para. 75). This interference also occurs when video devices are used in public places which require the recording of images ("Peck v. United Kingdom", "Application no. 44647/9", 28 January 2003, paragraph 59; see also, although in a different context, “Perry v. United Kingdom”, “application no. 63737/00”, 17 July 2003, paragraph 38).

The law must in any case satisfy the necessary "quality" requirements of the legal basis, with the consequence that "in the context of the collection and processing of personal data, it is therefore essential to have clear and detailed rules governing the scope and application of the measures, as well as minimum guarantees regarding, among other things, the duration, storage, use, third party access, procedures to preserve the integrity and confidentiality of the data and the procedures for their destruction, thus providing sufficient guarantees against the risk of abuse and arbitrariness” (“Glukhin v. Russia”, cit., para. 77). This also taking into account that "the need for such guarantees [, aimed at preventing any use of personal data that may be in conflict with the guarantees of art. 8 of the ECHR], is even greater when it comes to protecting personal data subjected to automated processing [...] and above all when the available technology becomes increasingly sophisticated" (ibidem, par. 75).

In addition to being contemplated by law, any interference by public authorities with people's fundamental rights, including the right to protection of private life, must, in fact, be foreseeable, in the sense that the law must be sufficiently clear in its terms to give individuals adequate guidance on the circumstances and conditions in which the authorities are authorized to resort to the measures provided for by law (see “Copland v. United Kingdom”, “Application no. 62617/00”, 3 April 2007, par . 46).

Furthermore, it is irrelevant that the interference concerns activities or conduct that take place in a public place. As, in fact, also recently reiterated by the European Court of Human Rights, "the concept of "private life" is a broad and not susceptible to an exhaustive definition [and] does not exclude activities that take place in a public context" , given that "there is [...] an area of interaction of a person with others, even in a public context, which can fall within the scope of "private life" ("Glukhin v. Russia", cit., para. 64 ; see also ruling “Satakunnan Markkinapörssi Oy and Satamedia Oy v. Finland”, “application no. 931/13”, 27 June 2017, paras. 129-131)

The considerations reported above, corroborated by the jurisprudence of the two Courts, are also valid in relation to forms of interference by public authorities which are presented to the associates as merely preparatory to the development of new technologies, such as, in this case, training of artificial intelligence algorithms (see in this regard, albeit with reference to the use of facial recognition systems for police purposes, the "Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement", adopted by the European Data Protection Board on 26 April 2023, where it is highlighted that "Article 52(1) of the Charter establishes the requirement for a specific legal basis. This legal basis must be sufficiently clear in its terms to provide citizens an adequate indication of the conditions and circumstances under which the authorities are authorized to resort to any data collection and covert surveillance measures. It must indicate with reasonable clarity the scope and methods of exercise of the relevant discretionary power conferred on public authorities, so as to guarantee people the minimum level of protection provided for by the rule of law in a democratic society. Furthermore, legitimacy requires adequate guarantees to ensure, in particular, respect for the rights of the individual under Article 8 of the [CDFEU]. These principles also apply to the processing of personal data for the purposes of evaluation, training and further development of [facial recognition] systems”; with regard to the quality requirements of the legal basis, in the different healthcare context, see also the recent "Decalogue for the creation of national health services through Artificial Intelligence systems", adopted by the Authority on 10 October 2023, doc. web no. 9938038, par. 1; see, also, the provisions of 13 April 2023, nos. 122 and 123, cit., relating to the processing, by public entities, in the absence of an appropriate legal basis, of personal data contained in films obtained using video devices, as part of a project which involved the use of detection algorithms of faces based on convolutional neural networks).

In the present case, as highlighted above, the existence of any legal framework, suitable in terms of rank and quality, to justify the processing of personal data carried out by a public entity, such as the Municipality, data controller, in the the scope of the “Marvel” and “Protector” scientific research projects, and the resulting interference with the fundamental rights and freedoms of the people whose data were collected and processed.

The Municipality, in fact, declared that it had trusted in good faith that the treatments in question could be brought back to the legal framework regarding urban safety. However, differently from what was believed by the Institution, the art. 5, paragraph 2, letter. a), of the legislative decree 20 February 2017, n. 14, allows Municipalities to "install video surveillance systems" for the sole purpose of "preventing and combating the phenomena of widespread and predatory crime", subject to the stipulation of an agreement for the implementation of urban security with the territorially competent Prefecture. This sector regulation - which in any case does not contemplate the use of microphones for the acquisition of the audio signal - therefore provides for a specific restriction on the purposes of the processing (see art. 5, par. 1, letter b) , of the Regulation), as the use of video surveillance images by local authorities for further processing purposes is therefore not normally permitted, especially if it conflicts with the reasonable expectations of the interested parties ( see, in this sense, precisely with reference to the field of video surveillance for urban security purposes, provision of 20 October 2022, no. 341, web doc. no. 9831369).

The Municipality also invoked art. 2-ter, paragraph 1-bis, of the Code, on the assumption that the processing carried out is necessary for the exercise of the Institution's institutional functions. In this regard, it must be highlighted that this provision of the Code still requires "compliance with Article 6 of the Regulation" and, therefore, also the quality requirements of the legal basis referred to in paragraphs. 2 and 3, which, as mentioned above, are not found in the generic provisions indicated by the Municipality. The art. 2-ter of the Code does not, in any case, apply to the processing of data relating to particular categories.

It is then noted that the Municipality considered "pertinent the provisions of Annex A.5 of the [Code] containing the ethical rules for processing for statistical or scientific research purposes, in compliance with the art. 89 of the GDPR", although it has specified that it does not believe that these provisions constitute "a legal basis specific to the Municipality". In other words, the Municipality would have implemented the principles and rules of conduct referred to in the aforementioned Code of Conduct, for the purposes of defining the methods of carrying out the two projects, without recognizing the direct applicability of the same to the specific case.

In this regard, it is noted that the Municipality has not proven that scientific research activity is included among its institutional competences, therefore it cannot be considered a "research institute or body" for the purposes of the art. 1, par. 1, letter d), of the aforementioned Rules of Ethics; nor has the Municipality proven to have acted, within the scope of the two projects, through its own Statistics Office, established pursuant to Legislative Decree 322/1989 The purpose of scientific research is not included among the institutional competences of the Municipality and, therefore, the processing of personal data in question cannot be considered authorized under the European and national legal framework which defines, among others, the subjective and objective prerequisites to carry them out (see articles 6 and 89 of the Regulation; article 106 of the Code; Ethics rules for processing for statistical or scientific research purposes).

Added to this is that among the criteria identified at international and national level to recognize the nature of a research institution in the hands of a specific entity there is, first of all, the institutional purpose pursued, which must contain a reference to the research activity , identified on the basis of what is indicated in the law or in another act establishing the organisation, or in the statute, regulation or other organizational act (see art. 5-ter of Legislative Decree no. 33 of 14 March 2013 and the Guidelines guide, adopted in implementation of the relevant paragraph 3, by the Statistical Information Steering and Coordination Committee - Comstat; see opinion of the Guarantor adopted with provision of 21 June 2018, no. 388, web doc. no. 9023239). With particular reference to particular categories of data (art. 9 of the Regulation) and data relating to crimes (art. 10 of the Regulation), the Municipality has also not indicated any legal framework that expressly provides for and regulates in detail the types of data, the operations that can be performed and the appropriate and specific measures to be adopted in relation to the processing carried out for the scientific research activities carried out in the context of the aforementioned projects, therefore lacking, also from this point of view, the conditions of lawfulness provided for by the articles. 9, par. 1, letter. g) and j), and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

Nor can the contractual agreements stipulated between the Municipality, the other project partners and the European Commission be relevant. In fact, in this regard, it is noted that these agreements attribute to the beneficiaries of the grants the responsibility for ensuring compliance with the legislation on data protection (see art. 39.2 of the "Grant Agreement" relating to the Marvel project and art. 23.2 of the "Grant Agreement" relating to the "Protector" project; see also art. 4.4 of the "Consortium Agreement" relating to the "Marvel" project, which states that "each Party is required to ensure that the collection, processing and the sharing of personal data and/or particular categories of personal data comply with the Regulation […] and other regulations […] regarding personal data. The Parties will therefore ensure the existence of a legal basis […] in accordance with the GDPR before sharing any personal data and/or special categories of personal data", as well as art. 10.8 of the "Consortium Agreement" relating to the "Protector" project, which states that "the Parties must process personal data in accordance to applicable national and EU data protection laws (including, but not limited to, authorization or notification obligations). Each Party represents and warrants that all personal data required for use in the Project and collected, processed or further used by it will be collected, processed or further used in accordance with all relevant laws and regulations (and, where applicable, with local ethical guidelines) regarding the collection, use, transport and subsequent destruction of personal data").

In light of the foregoing considerations, it must be concluded that the Municipality, in the context of the "Marvel" and "Protector" projects, processed personal data, including those relating to crimes and belonging to particular categories (religious beliefs), in contravention of the reasonable expectation of confidentiality of the interested parties, in a manner that does not comply with the "principle of lawfulness, correctness and transparency" and in the absence of a legal basis, in violation of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

3.5 Transparency of processing.

In compliance with the principle of "lawfulness, correctness and transparency", the data controller must take appropriate measures to provide the interested party, before starting the processing, with all the information required by the Regulation in a concise, transparent, intelligible and easily accessible form, with simple and clear language (articles 5, par. 1, letter a), 12, 13 and 14 of the Regulation).

When video surveillance systems are used, the data controller, in addition to providing first level information by affixing warning signs near the area subjected to video surveillance, must also provide interested parties with "second level information", which must “contain all the mandatory elements pursuant to Article 13 of the [Regulation]” and “be easily accessible to the interested party, for example through a complete information page made available in a central hub […] or posted in a place of easy access" (European Data Protection Committee, "Guidelines 3/2019 on the processing of personal data through video devices", of 29 January 2020, in particular par. 7; but see already the "Provision on video surveillance ” of the Guarantor of 8 April 2010, web doc. no. 1712680, in particular par. 3.1, as well as, lastly, the Guarantor's FAQ no. 4 regarding video surveillance, doc. web no. 9496574; see, also, provisions of 20 October 2022, n. 341, doc. web no. 9831369; 28 April 2022, n. 162, doc. web no. 9777974, 7 April 2022, n. 119, doc. web no. 9773950, 16 September 2021, n. 327, doc. web no. 9705650 and 11 March 2021, n. 90, doc. web no. 9582791).

The first level information (warning sign) “should communicate the most important data, for example the purposes of the processing, the identity of the data controller and the existence of the data subject's rights, together with information on the most significant impacts of the treatment” (Committee Guidelines, cit., par. 114). Furthermore, the signs must also contain information that may be unexpected for the interested party. This could, for example, concern the transmission of data to third parties, in particular if located outside the EU, and the retention period. If such information is not indicated, the data subject should be able to trust that there is only real-time surveillance (without any data recording or transmission to third parties) (Committee Guidelines, cit., para. 115). The first level warning sign must contain a clear reference to the second level of information, for example by indicating a website on which it is possible to consult the text of the extended information.

During the investigation, the Municipality claimed to have fulfilled its information obligations towards the interested parties by installing signs containing first-level information on data processing (see annex 1 to the protocol note n. XX of the XX ), near the cameras and microphones placed in public streets, as well as by publishing extensive information on data processing on its institutional website (https://www.comune.trento.it/content/download/1465552/13956310/ file/INFORMATIVA%20PUBLIC%20MARVEL_Rivista-1.pdf, as reported in the aforementioned note of the XX).

With reference to the information on the processing of first level data, it is noted that the same, while mentioning the "Marvel" and "Protector" projects ("retention is permitted for a maximum period of six months starting from the date of the survey, in in relation to the aims of protecting urban safety connected to the development of the European projects Marvel (grant agreement n° 957337) and Protector (grant agreement n° 101034216) and further projects financed by the European Union"), does not specifically refer to the aim of processing connected to scientific research, erroneously leaving the interested parties to understand that the processing of personal data, carried out as part of the two projects, is also attributable to the purposes of urban security; so much so that, in its defense briefs, the Municipality took note of the "possible misunderstanding generated among citizens resulting from the fact that the purpose of the data processing was not clear" and made clear its intention to "adapt the information will make it necessary to use for future occurrences." Nor can the Municipality's defense be accepted, according to which "in the information [...] they were identified and explained in relation to the legal basis of the processing considered relevant", given that, as illustrated above, the Municipality has implemented data processing personal for a specific processing purpose, i.e. scientific research, distinct from that of urban security, whose legal framework of reference (Legislative Decree 20 February 2017, n. 14), as mentioned, is not applicable to the context in question. The conduct of the Municipality has, therefore, resulted in the violation of the art. 13, par. 1, letter. c), of the Regulation

Furthermore, although the information contains a reference to audio, the interested parties were not put in a position to understand that the content of their conversations would also be acquired and processed for the purposes of the Marvel project, an aspect which is certainly to be considered one of the more substantial impacts of the treatment. Also in relation to this profile, the argument used by the Municipality in the defense brief cannot be accepted, namely that "the failure to indicate in the information that the equipment was also capable of picking up people's conversations is also justifiable from the fact that, due to the intrinsic characteristics of the recording system (as described above) the actual possibility of hearing relevant semantic contents was to be considered an almost null eventuality", taking into account that, as illustrated above at length, the possibility of acquiring the content of conversations was not, however, fundamentally excluded and that, in the documentation relating to the project, the acquisition of this content constituted a specific element of interest for the purposes of training artificial intelligence algorithms aimed at recognizing dangerous situations for public safety .

As for data retention times, the sign in question states that "the audio and video data are retained for a period of seven days starting from the date of collection", reasonably with reference to the purpose of urban security. In this regard, it should be noted that art. 7, paragraph 8, of the legislative decree. February 23, 2009 allows "the conservation of data, information and images collected through the use of video surveillance systems is limited to seven days following the detection, without prejudice to special needs for further conservation". This term cannot, however, be applied in relation to audio, the collection of which is not permitted by the regulatory framework regarding video surveillance for urban security purposes. With specific regard to the "Marvel" and "Protector" projects, the same sign states that "conservation is permitted for a maximum period of six months starting from the date of the survey", a term which, however, is not reflected in the declarations made by the Common during the investigation and which is in any case inconsistent with the alleged immediate anonymization of the data. Therefore, the art. is violated. 13, par. 2, letter. a), of the Regulation.

Regarding the mention of the rights of the interested parties, the first level information limits itself to mentioning only the right of access to data, making a generic reference to "other rights recognized by law", without an express reference to the articles. 15-22 of the Regulation, resulting in a consequent violation of art. 13, par. 2, letter. b), of the Regulation. In fact, it must be highlighted that the mention in summary form in the first level information of the rights of the interested parties is permitted only to the extent that the sign contains a clear reference to the extended second level information for a complete illustration of these rights ( see the exemplary information sign proposed by the European Data Protection Committee in paragraph 116 of the aforementioned "Guidelines 3/2019 on the processing of personal data through video devices", which states that "as an interested party, you can exercise various rights, in particular the right to request the data controller to access or delete personal data. For more information on video surveillance and your rights, consult the complete information provided by the data controller [...]" (see also the similar exemplary sign published on the Guarantor's website on 3 December 2020, web document no. 9496244). In this case, the Municipality has, however, failed to provide the interested parties with clear indications regarding the methods with which the interested parties they could have consulted the complete information on the processing of personal data.

In fact, in pointing out the possibility of consulting "the complete information on the processing of personal data", as well as at the Municipality's headquarters, the first level information sign refers to the "institutional website of the Municipality", without indicating the specific page /section of this site on which the complete information can be found, thus, in effect, hindering the possibility for interested parties to access it (see, moreover, the information sign proposed, by way of example, at points 115-116 of the aforementioned Committee Guidelines, which also envisages the possibility - without there being an obligation in this regard - of inserting a so-called "QR Code", precisely for the purpose of facilitating the possibility for interested parties to quickly and easily access the information second level).

However, with regard to the second level information, it is noted that it refers "to the processing of personal data acquired through the use of video surveillance systems owned by the Municipality [...] used for the development of the European MARVEL Projects (Grant Agreement n° 957337) and PROTECTOR (Grant Agreement n° 101034216)”, without mentioning the microphones used as part of the “Marvel” project for audio collection.

Furthermore, in referring below to "video/audio sources", we omit to specify that the audio could also concern conversations between people present on public streets, an aspect which is certainly to be considered one of the most significant impacts of the treatment.

The information then completely fails to illustrate the processing of personal data concerning users who have published messages on the "Twitter" platform (X) or comments on the "YouTube" platform as part of the "Protector" project, also with regard to the communication of information relating to the "Twitter" user networks (X) to the Antwerp Police and the Bulgarian Ministry of the Interior, as well as the processing of the same information by the Local Police of the Municipality. With reference to these interested parties, or to the authors of the aforementioned messages/comments, the art. is therefore overall violated. 14 of the Regulation, taking into account that such personal data is not collected from the interested parties.

As for the legal basis of the processing, the information states that "the processing is carried out for the execution of a task of public interest, pursuant to art. 6 of EU regulation no. 2016/679", legal basis which, for the reasons illustrated above, is not applicable in reference to the "Marvel" and "Protector" research projects. Furthermore, the information presents the provision of data as mandatory, on the erroneous assumption that the two projects would pursue "purposes of protecting urban safety and public heritage, pursuant to the provisions of art. 6, paragraphs 7 and 8, of the legislative decree of 23 February 2009 n. 11 (converted with law 23 April 2009 n. 38) and by art. 3, paragraph 2, of the regulation for the use of video surveillance systems". Therefore, the art. is violated. 13, par. 1, letter. c), of the Regulation.

As regards the scope of data communication, the Municipality, on the assumption of having used adequate data anonymisation techniques, failed to inform the interested parties that their personal data are shared with the other project partners and, as regards to the “Protector” project, with the European Commission and the project reviewers, in violation of art. 13, par. 1, letter. e), of the Regulation.

Finally, it is noted that the "rights of the interested party" section does not contain any reference to the right of interested parties to "lodge a complaint to a supervisory authority", in violation of the art. 13, par. 2, letter. d), of the Regulation).

In relation to the "data retention term", it is stated that "the data are retained for a period of time not exceeding six months starting from the date of collection"; therefore, the same findings already made with regard to the first level information apply, with the consequence that the art is violated. 13, par. 2, letter. a), of the Regulation.

Taking into account all the preceding considerations, it is established that the Municipality acted in violation of the articles. 13, par. 1, letter. c) and e), par. 2, letter. a), b) and d), and 14 of the Regulation.

In light of the gravity, the transversal nature and the consequences of the violations committed by the Municipality with regards to the transparency of the processing, with particular reference to the omission of detailed information regarding the processing of the content of the conversations and the total absence of information intended for the users of "Twitter" ("X") and "YouTube", it is believed that, in this case, the Municipality has also acted in a manner that does not comply with the principle of "lawfulness, correctness and transparency", in violation of the art. 5, par. 1, letter. a), of the Regulation.

3.6 The scope of data communication.

During the investigation, the Municipality stated that the audio-video contents used within the "Marvel" project, allegedly anonymized, are shared with the project partners, while, within the "Protector" project, such contents , as well as the pseudonymized usernames of the authors of the messages/comments published on the "Twitter" ("X") and "YouTube" platforms, are shared not only with the partners, but also with the European Commission and the project reviewers.

Taking into account what has been illustrated above in relation to the inadequacy of the anonymisation techniques used (see par. 3.3), the nature of personal data of the pseudonymized information (ibidem) and the absence of a legal framework of reference for the purposes of conducting the two research projects (see par. 3.4), the communication of the personal data in question, including those relating to crimes and particular categories of data (religious beliefs), occurred in a manner that did not comply with the principle of "lawfulness, correctness and transparency" and in the absence of a legal basis, in violation of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

This is also considering that the presence of a specific user within a network of users implies that he or she has published hate messages in a religious context (which are also freely consultable on the user's profile), with the consequence that the communication in question also concerns personal data relating to crimes and particular categories of data (religious beliefs).

Furthermore, as part of the Protector project, the usernames of the authors of the messages published on the “Twitter”(“X”) platform, which constitute a network, were shared unencrypted with the Antwerp Police and the Ministry of the Interior of Bulgaria; therefore, the Municipality acted, also in relation to said processing, in a manner not compliant with the principle of "lawfulness, correctness and transparency" and in the absence of a legal basis, in violation of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code.

3.7 The data protection impact assessment.

In case of high risks for the interested parties - deriving, for example, from the use of new technologies and always present where large-scale systematic surveillance of an area accessible to the public is carried out (see art. 34, par. 3, letter c), of the Regulation) - the data controller must also carry out an impact assessment on data protection, in order to adopt, in particular, the appropriate measures to address such risks, consulting the Guarantor in advance, where necessary. prerequisites (see articles 35 and 36, paragraph 1, of the Regulation).

In the present case, the Municipality was certainly subject to the obligation to draw up a data protection impact assessment, pursuant to art. 36 of the Regulation, before starting the processing connected to the "Marvel" and "Protector" projects.

This, first of all, considering that, pursuant to art. 35, par. 3, letter. c), of the Regulation, the impact assessment is always required in the case of "large-scale systematic surveillance of an area accessible to the public", a circumstance which occurs in the present case, given the use of video surveillance cameras and microphones installed on public roads.

More generally, there is no doubt that, taking into account, in particular, the use of new technologies, such as artificial intelligence techniques, and the nature of the data being processed (content of conversations; data relating to crimes; data relating to religious beliefs), the Municipality was obliged to carry out an impact assessment on data protection (see art. 35, par. 1, of the Regulation; see Working Group art. 29, "Guidelines regarding data protection impact assessment and determination of the possibility that the processing "may present a high risk" for the purposes of Regulation (EU) 2016/679", of 4 April 2017, in particular section III, where it is clarified that a data protection impact assessment is required when at least two of the nine criteria indicated therein exist, which, in the specific case, can be found in "systematic monitoring", in "sensitive data or data of a highly personal nature", in "processing of large-scale data” and in the “innovative use or application of new technological or organizational solutions”.

Having clarified this, it is noted that the Municipality declared that it had drawn up an impact assessment on data protection pursuant to art. 35 of the Regulation and produced a document in the documents, called "IMPACT ASSESSMENT ON DATA PROTECTION - T-08-012 - Treatment of research projects for the development of intelligent video surveillance systems".

This document appears to be undated and does not bear the signature of either the legal representative of the Municipality or any other person authorized for this purpose, circumstances which do not allow it to be verified that the document in question was drawn up before the date of commencement of the processing and of attribute the same to the Institution.

In this regard, the Municipality stated in its defense briefs that the impact assessment would have been completed "already on 19 January 2022 (when it was shared for the first time with the DPO [...])" and that the same would was "subsequently inserted into the IT application containing the register of processing activities [...] in March 2023, only after having obtained the final opinion of the DPO". Although the Municipality believes "to have [therefore] documented the fact that the Municipality had carried out the impact assessment before the start of the treatments (February 2022 for the video part, March 2023 for the audio part) and that the evaluation itself is attributable to the Entity), it must, however, be observed that the Entity has not produced any evidence aimed at proving the actual insertion of the document in question "in the IT application containing the register of processing activities" and that this procedure was suitable to attribute a certain date to the document. In any case, the circumstance is confirmed that this document was not validly signed by the Mayor or by another person with the necessary powers for the purposes of the necessary assumption of responsibility for what is represented in it.

In light of the foregoing considerations, it is confirmed that the Municipality has not demonstrated that it has drawn up an impact assessment on data protection before implementing the processing of personal data as part of the "Marvel" and "Protector" projects.

It is then noted that, in any case, the document in question concerns exclusively the processing of personal data connected to the use of "intelligent video surveillance systems" and, therefore, it does not take into consideration the processing carried out within the scope of the “Protector” project with reference to the personal data of users of “Twitter” (“X”) and YouTube.

This document is, more generally, unsuitable for satisfying the requirements of the art. 35, par. 7, of the Regulation, given that the "Marvel" and "Protector" projects, of which no express mention is made, are not precisely described (see art. 35, par. 7, letter a), of the Regulation).

Furthermore, the document does not contain any assessment regarding the "necessity and proportionality of the processing in relation to the purposes" and in particular does not illustrate the reasons why the Municipality could not have conducted the scientific research projects in question in simulated urban environments , or without collecting and processing the personal data of people actually present in the public street or without processing certain types of data characterized by particular sensitivity, such as the content of conversations (see art. 35, par. 7, letter b), of the Regulation).

The impact assessment is then limited to considering only the possible violations or threats of data security, moreover in reference to IT systems and databases which are not clearly identified and described, making the analysis carried out completely generic and divorced from the actual means of processing, even very sophisticated from a technological point of view, used in the two projects in question, making it therefore impossible to understand the actual impending risk in terms of data security and the suitability of the measures implemented by the owner to mitigate the same ( art. 35, par. 1, letter d), of the Regulation).

However, the document does not take into consideration in any way the other risks for the rights and freedoms of the interested parties (art. 35, par. 1, letter c), of the Regulation) not connected to the physical and logical security of the data, especially with regard to the possible consequences for data subjects deriving from the processing of particularly sensitive information such as the content of conversations, data relating to crimes and data relating to religious beliefs. Nor are the measures adopted to mitigate these risks analyzed (art. 35, par. 1, letter d) of the Regulation).

Finally, it is believed that, taking into account the particular invasiveness of the treatments relating to the capture of audio in public streets and the consequent compression of the fundamental rights and freedoms of the interested parties, the Municipality should have previously collected the opinions of the citizens regarding the initiative that it was intended to undertake (art. 35, par. 9, of the Regulation).

In light of the preceding considerations, it is believed that the Municipality acted in violation of the art. 35 of the Regulation.

4. Conclusions.

In light of the assessments mentioned above, it is noted that the declarations made by the data controller during the investigation are the truthfulness of which one may be called upon to respond to pursuant to art. 168 of the Code ˗, although worthy of consideration, do not allow us to overcome the findings notified by the Office with the act of initiating the proceeding and are insufficient to allow the dismissal of this proceeding, as, moreover, none of the cases envisaged by the 'art. 11 of the Guarantor Regulation n. 1/2019.

Therefore, the preliminary assessments of the Office are confirmed and the illegality of the processing of personal data carried out by the Municipality is noted, for having implemented processing of personal data in a manner that does not comply with the principle of "lawfulness, correctness and transparency", in violation of the art. 5, par. 1, letter. a) of the Regulation; in the absence of a legal basis, in violation of the articles. 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to provide interested parties with some of the information required by data protection regulations, in violation of 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), and 14 of the Regulation; communicating personal data to third parties, including those relating to crimes and particular categories (religious beliefs), in the absence of a legal basis, in violation of articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code; failing to draw up a data protection impact assessment compliant with the requirements of data protection legislation, in violation of art. 35 of the Regulation.

Taking into account that the multiple violation of the aforementioned provisions took place as a result of a single conduct (same treatment or related treatments), art. 83, par. 3 of the Regulation, pursuant to which the total amount of the administrative fine does not exceed the amount specified for the most serious violation. Considering that, in the present case, all violations, with the exception of that relating to art. 35 of the Regulation, are subject to the administrative sanction provided for by art. 83, par. 5 of the Regulation, as also referred to in art. 166, paragraph 2, of the Code, the total amount of the fine is to be quantified up to €20,000,000.

However, the dispute relating to the violation of the art. must be considered overcome. 28 of the Regulation, which was made against the Municipality on the assumption that, in response to the Authority's requests for information, the Body had filed a unilateral designation deed, signed solely by the Mayor, without there being evidence that the Foundation had accepted this designation, undertaking to fulfill the obligations set out therein. In its defense briefs, the Municipality has, in fact, declared that only "due to a mere material error" a non-registered version of the document had been sent to the Authority, that "the act of appointment [of the Foundation as data controller] was formalized with union decree, digitally signed by the Mayor [...] on 3 February 2022" and that "the decree was then transmitted [to the Foundation], which returned a countersigned copy on 7 February 2022 by its legal representative for acceptance of the appointment" , therefore having to order the dismissal of the proceedings limited to this profile (art. 11 of Regulation no. 1/2019).

Likewise, with regard to the clear visibility to the local Police of the Municipality of the data relating to the networks of "Twitter" ("X") users, we take note of what was declared by the Municipality regarding the circumstance which, in fact, does not there was "never [...] access to the data by the local Trentino Police Force" (defense briefs in documents). Given that the local police - which does not have general competences in matters of public security (see law 7 March 1986, n. 65) - did not process the data in question outside the specific purposes of the research project, i.e. for take measures against specific natural persons, the proceedings are archived, limited to this profile and the related disputed violations of the articles. 5, par. 1, letter. a), 6, 9 and 10 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code (art. 11 of Regulation no. 1/2019).

5. Corrective measures (art. 58, par. 2, letter d), f) and g) of the Regulation).

The art. 58, par. 2 of the Regulation gives the Guarantor the power to "order the data controller or data processor to conform the processing to the provisions of this regulation, if appropriate, in a specific manner and within a specific deadline" (letter d) , to "impose a temporary or definitive limitation on the processing, including a prohibition on processing" (letter f), as well as to "order the rectification, deletion of personal data or limitation of processing [...]" (letter g) .

Taking into account that the Municipality declared in its defense statement that "starting from 1 November 2023, steps have been taken to limit the processing of data, blocking any activity that could lead to its detection or use, with the exception of mere conservation even at defensive purposes" and expected, therefore, that the Municipality, even though it has abstained from further collection of personal data, still retains personal data relating to natural persons, obtained as part of the "Marvel" and "Protector" projects, yes makes it necessary, pursuant to art. 58, par. 2, letter. d), f) and g), of the Regulation:

impose a ban on further processing of the aforementioned personal data (video or audio recordings; messages/comments obtained from social networks; information relating to user networks on the “Twitter”/“X” platform); And

order their cancellation.

Pursuant to the articles. 58, par. 1, letter. a), of the Regulation and 157 of the Code, the Municipality must also communicate to this Authority, providing adequately documented feedback, within thirty days of notification of this provision, the initiatives undertaken in order to implement the requirements given to it.

6. Adoption of the injunction order for the application of the pecuniary administrative sanction and accessory sanctions (articles 58, paragraph 2, letters i and 83 of the Regulation; article 166, paragraph 7, of the Code).

The Guarantor, pursuant to articles. 58, par. 2, letter. i) and 83 of the Regulation as well as art. 166 of the Code, has the power to "impose a pecuniary administrative sanction pursuant to article 83, in addition to the [other] [corrective] measures referred to in this paragraph, or in place of such measures, depending on the circumstances of each single case" and, in this context, "the Board [of the Guarantor] adopts the injunction order, with which it also provides for the application of the additional administrative sanction of its publication, in full or in extract, on the website of the Guarantor pursuant to article 166, paragraph 7, of the Code” (art. 16, paragraph 1, of the Guarantor Regulation no. 1/2019).

In this regard, taking into account the art. 83, par. 3 of the Regulation, in this case the violation of the aforementioned provisions is subject to the application of the pecuniary administrative sanction provided for by the art. 83, par. 5, of the Regulation.

The aforementioned pecuniary administrative sanction imposed, depending on the circumstances of each individual case, must be determined in the amount taking due account of the elements provided for by the art. 83, par. 2, of the Regulation.

As regards the nature and seriousness of the violation and the sensitivity of the data affected by the violation (art. 83, par. 2, letters a) and g), of the Regulation), it must be considered that the processing in question involved public places and it was carried out without the subjects being filmed being fully aware of the actual processing purpose pursued and the scope of knowledge of the data, as well as in the absence of the necessary conditions of lawfulness, with consequent prejudice to their fundamental rights and freedoms.

Furthermore, in the absence of sufficient transparency towards the interested parties, the processing also concerned the audio signal acquired through microphones installed on public streets and therefore also private conversations, the content of which is supported by the highest constitutional guarantees (see the "Guidelines 3/2019 on the processing of personal data through video devices", cit., in particular point 129, which states that "the solutions identified should not include unnecessary functions (for example, [...] audio recordings)" , as well as the subsequent point 131, which states that among the elements that the owners should take into consideration is the "appropriate and prohibited use (where and when video surveillance is permitted and where and when it is not: for example, use of hidden cameras and audio as well as video recording)").

These massive and invasive methods of processing have entailed significant risks for the rights and freedoms of the interested parties. This not only with regard to the right to data protection but also to other rights, of constitutional rank, connected to the free expression of thought (art. 21 Constitution; see also articles 9 and 10 ECHR and articles 10 and 11 CDFEU ), participation in political and social life (articles 2 and 3 of the Constitution), freedom of assembly (article 18 of the Constitution; see also articles 11 of the ECHR and 12 of the CDFEU) and the freedom to express one's religious faith (art. 19 Constitution; see also articles 9 ECHR and 10 CDFEU), of which the right to privacy, as it is functional to the self-determination of the individual, constitutes a necessary prerequisite. Similar forms of surveillance in public spaces can, in fact, change people's behavior and even affect the exercise of democratic freedoms, especially when the surveillance contravenes the reasonable expectation of privacy of those subjected to it.

In light of these circumstances, it is believed that, in the present case, the level of severity of the violation committed by the data controller is high (see European Data Protection Committee, “Guidelines 04/2022 on the calculation of administrative fines under the GDPR” of 23 May 2023, point 60)”.

Having said this, it is necessary to consider the following mitigating circumstances:

that although the "Marvel" and "Protector" projects were conducted over a long period of time (approximately 20 and 15 months respectively), the video recordings were not acquired on a continuous basis but only in relation to a limited number of hours (309 hours for the “Marvel” project; 18 hours for the “Protector” project, of which only 4 hours are currently preserved). Similarly, as regards the audio obtained from the microphones installed on public streets as part of the "Marvel" project, the Municipality acquired a limited number of hours of recording overall (85, equal to less than four days), in a 8 month time frame. Furthermore, audio tracks of just 1 consecutive minute were acquired from each microphone, which, according to the Foundation's declarations, reported by the Municipality in its defense briefs, would largely contain silence or indistinguishable noises;

that the Municipality acted in good faith, having made an error in law, in the belief that the processing in question could be subsumed within the legal framework relating to urban security and that the measures aimed at anonymising the data were sufficient to avoid the possibility of identifying the interested parties, having, moreover, the Entity relied on the assessments of its Data Protection Officer (see, albeit in a different context, provision dated 2 July 2020, no. 118, web doc. no. 9440025) and on the specialist advice received from the Foundation, a person with high expertise in the field of scientific research;

that the Municipality, even though it has not fully fulfilled its obligations regarding transparency, declared that it has promoted "forms of public dissemination of the Projects including press releases, press releases on the Municipality's institutional website, dissemination of information regarding the Projects also via social networks of the Municipality and the Mayor” (defense briefs in documents);

that although the Municipality has not proven the certain date of preparation of the impact assessment on data protection and the document was not fully compliant with the requirements established by the legislation on data protection, it appears in documents that the Body had taken steps to drafting an impact assessment scheme and sharing it with the Data Protection Officer, whose opinion has been obtained.

On the basis of the aforementioned elements, evaluated as a whole, it is decided to determine the amount of the pecuniary sanction in the amount of 50,000 (fifty thousand) euros for the violation of the articles. 5, par. 1, letter. a), 6, 9, 10, 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), 14 and 35 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code, as a pecuniary administrative sanction deemed, pursuant to art. 83, par. 1 of the Regulation, effective, proportionate and dissuasive.

Taking into account that the audio-video surveillance activity in question involved public places, implementing a processing of personal data that "allows [to detect] the presence and behavior of people in the space considered" ("Guidelines 3/2019 on processing of personal data through video devices", par. 2.1, cit.), without the interested parties being fully aware of the actual processing purpose pursued and of all the characteristics of the processing, with consequent prejudice to their fundamental rights and freedoms , it is also believed that the additional sanction of publication of this provision on the Guarantor's website, provided for by art., should be applied. 166, paragraph 7 of the Code and art. 16 of the Guarantor Regulation n. 1/2019.

Finally, it is noted that the conditions set out in art. 17 of Regulation no. 1/2019.

ALL THIS CONSIDERING THE GUARANTOR

declares, pursuant to art. 57, par. 1, letter. f), of the Regulation, the illegality of the processing carried out by the Municipality of Trento due to violation of the articles. 5, par. 1, letter. a), 6, 9, 10, 13, par. 1, letter. c) and e), and par. 2, letter. a), b) and d), 14 and 35 of the Regulation, as well as 2-ter, 2-sexies and 2-octies of the Code, within the terms set out in the justification;

ORDER

to the Municipality of Trento, in the person of the legal representative pro tempore, with registered office in Via Belenzani, 19 - 38122 Trento (TN), C.F. 00355870221, to pay the sum of 50,000 (fifty thousand) euros as a pecuniary administrative sanction for the violations indicated in the justification. It is represented that the offender, pursuant to art. 166, paragraph 8, of the Code, has the right to settle the dispute by paying, within 30 days, an amount equal to half of the fine imposed;

ORDERS

to the aforementioned Municipality:

a) in case of failure to resolve the dispute pursuant to art. 166, paragraph 8, of the Code, to pay the sum of 50,000 (fifty thousand) euros according to the methods indicated in the annex, within 30 days of notification of this provision, under penalty of the adoption of the consequent executive acts in accordance with the art. 27 of the law. n. 689/1981;

b) pursuant to art. 58, par. 2, letter. d), f) and g) of the Regulation:

the prohibition on processing the personal data of interested parties already collected in the context of the "Marvel" and "Protector" projects (video or audio recordings; messages/comments obtained from social networks; information relating to user networks on the "Twitter"/" platform X”);

the cancellation of the aforementioned personal data;

c) pursuant to articles. 58, par. 1, letter. a), of the Regulation and 157 of the Code, to communicate to this Authority, providing adequately documented feedback, within thirty days of notification of this provision, the initiatives undertaken in order to implement the measures imposed; any failure to comply with the provisions of this point may result in the application of the pecuniary administrative sanction provided for by the art. 83, par. 5, of the Regulation;

HAS

pursuant to art. 166, paragraph 7, of the Code, the publication of this provision on the Guarantor's website, believing that the conditions set out in the art. 17 of the Guarantor Regulation n. 1/2019.

Pursuant to the articles. 78 of the Regulation, 152 of the Code and 10 of Legislative Decree no. 150/2011, it is possible to appeal against this provision before the ordinary judicial authority, under penalty of inadmissibility, within thirty days from the date of communication of the provision itself or within sixty days if the appellant resides abroad.

Rome, 11 January 2024

PRESIDENT
Stanzione

THE SPEAKER
Ghiglia

THE GENERAL SECRETARY
Mattei