Track B

Safety in public spaces — without biometric identification

„How can AI detect dangerous situations early without violating the fundamental rights of uninvolved people?"

A safety architecture that detects collective anomalies rather than classifying persons. Civil liberties by design, not as an add-on.

Motivation

Why this research

There is no off-the-shelf technical solution in the space between security and fundamental rights. Classical predictive-policing systems operate with person-level risk scores; Art. 5(1)(d) of the EU AI Act prohibits exactly that. Art. 5(1)(h) likewise restricts biometric remote identification in public spaces, with narrow exceptions.

The question, therefore, is not how to circumvent these prohibitions, but what an architecture has to look like to be useful under them. This research answers with a methodology that models collective dynamics instead of individuals — and that makes protecting helpers (rather than classifying suspects) the explicit objective.

Methodological approach

Three-outlier model and helper protection

Instead of deterministic person classification, the three-outlier model produces exclusively calibrated probabilistic indications of statistical anomalies in collective dynamics. No person-level labels, no biometric identification, no suspicion generation — only an indication system for human decision-makers.

The second load-bearing pillar is helper protection as the objective: the system is optimised to detect and protect helpful behaviour rather than to produce suspect cases. This reversal of the objective changes the whole architecture — from annotation to threshold calibration.

The model, visualised

Three roles, one protected

The Three-Outlier model distinguishes roles in a crisis situation rather than classifying individuals. Helping people are structurally protected; fundamental-rights guardrails are written into the architecture.

Core components

The civil-liberties architecture at a glance

Legal frame

What the architecture rests on

• §Reg. (EU) 2016/679 (GDPR) Art. 89 in conjunction with § 27 BDSG — research clause
• §Reg. (EU) 2024/1689 (AI Act) Art. 5(1)(h) — ban on biometric remote identification
• §Reg. (EU) 2024/1689 (AI Act) Art. 5(1)(d) — ban on personal risk prediction
• §Reg. (EU) 2024/1689 (AI Act) Annex III — classification as high-risk system
• §BVerfGE 69, 315 — Brokdorf line protecting political assembly

Current state

What is publicly available

Get involved

Collaboration on this research

Universities with a public-safety focus, public authorities at the BMI/BSI/BBK level, and research consortia along BMBF SIFO and Horizon Europe Cluster 3 are explicitly invited to get in touch.

More from this research

Related pages

Three tracks, one core, a shared ethics foundation.

• Methodology →Pre-registration, reproducibility, external validation, data minimisation — operational standards in detail.
• Publications →arXiv, Zenodo (DOI), software releases, open-access principles.
• Resources →Code, replication material, BibTeX citation, licences, identifiers.
• Research ethics →GDPR Art. 89, AI Act Art. 5, Brokdorf line. Eight mandatory corrections.
• Public sector & research →Research offerings for BMI, BSI, BBK, universities, research consortia.
• Principal Investigator →Profile, background, identifiers, contact paths.