Research ethics and compliance
This page documents the legal, ethical, and methodological framework under which we conduct research — particularly Track B (safety in public spaces), where the relationship to fundamental rights is addressed structurally, not as an add-on.
Scope
The principles documented here apply to all research activities. The emphasis is on Track B (predictive early-warning in public spaces), where the tensions between safety research and fundamental rights are most acute.
Legal framework
Processing for scientific research purposes operates under the safeguards of Art. 89(1) GDPR and the German specification in § 27 BDSG: pseudonymisation where feasible, data minimisation, purpose limitation, technical and organisational measures. The current research design does not process special categories of personal data under Art. 9 GDPR.
The research architecture is designed to remain outside the scope of prohibited practices under Art. 5 AI Act. In particular, it performs no real-time remote biometric identification (Art. 5(1)(h)) and does not identify natural persons. Classifications refer exclusively to statistical properties of crowd dynamics, not to identifying features.
The AI Act prohibits AI systems that assess natural persons in order to predict the likelihood of a criminal offence. The research architecture does not assess individuals. It analyses statistical properties of collective dynamics with respect to escalation potential. It produces no offence prognoses, no attributions of guilt or threat-actor labelling, and does not operate within the scope of Art. 5(1)(d) AI Act.
When used by or on behalf of law enforcement or public security authorities, the system may fall under the high-risk classification of Annex III No. 6. The architecture is therefore designed to meet the requirements of Art. 8–15 AI Act: risk management system, data and data governance, technical documentation, automated logging, transparency and information duties, human oversight, as well as accuracy, robustness, and cybersecurity.
The architecture contains structural safeguards for political assemblies in line with the German Federal Constitutional Court's doctrine (BVerfGE 69, 315 — Brokdorf): assemblies are not the object of investigation but a constitutionally protected context. The detection logic is explicitly designed not to classify assembly dynamics as anomalous.
Civil-liberties by design
These commitments are written into the research architecture as design principles, not retrofitted as add-ons.
The pipeline processes skeletal and motion data without facial features. Neither face recognition nor re-identification via biometric templates takes place.
Trajectories are used only within a bounded analysis window for statistical aggregation, not for persistent tracking of individuals across spaces or time.
The three-outlier model distinguishes three roles in a crisis situation: source (initiating actor), helper (intervening or assisting party), and knower (contextually reacting bystander). Helper protection is not post-processing but encoded as a penalty term in the loss function — misclassifying a helping person as an initiator is structurally penalised more strongly than other errors.
Outputs are calibrated probabilities — not deterministic person-level labels. Calibration uses conformal prediction, a statistical method with a verifiable confidence level: at a threshold of 0.9, the output set contains the correct class in at least 90 % of cases. Thresholds and confidences are explicitly reported for every decision.
Eight mandatory corrections
Overview of corrections we systematically incorporate against existing risk-analysis methods (notably SPOT and the Berlin three-stage model). The full derivation is presented in a position paper in preparation.
Methodological distance from methods without controlled validity.
Helper differentiation as a structural element of classification.
Individual contributions are tested counterfactually against the crowd baseline.
Anomaly is defined against the current crowd median, not a normative target.
Every contribution is a probability with confidence interval, not a categorical attribution.
Every classification is documented with a traceable audit trail, accessible to lawful review.
Transparency obligations scale with intervention depth — deeper intervention requires fuller disclosure.
Assembly dynamics are methodologically separated from crisis dynamics; assemblies are never the object.
Research integrity
Core research documents (architectural specifications, position-paper drafts, grant outlines) are anchored in time via OpenTimestamps. This produces a forensically verifiable priority anchor independent of later publication dates.
Published research outputs appear on arXiv and Zenodo with DOI. Software releases are made available under Apache 2.0 on GitHub and npm.
Outreach to potential co-authors is conducted consistently in the subjunctive; names are not communicated before written consent. Work in preparation is labelled as such.
The validation basis consists of publicly documented incidents from 2015–2025, selected for forensic documentation density and suitability for methodological differentiation. Source material is exclusively publicly accessible. Out of respect for bereaved relatives, ongoing proceedings, and memorial structures, individual case names are not foregrounded in this overview documentation; the selection logic is presented separately in a methodological companion text.
Independent research laboratories do not have access to the institutional ethics committees of a university. The establishment of an external ethics-oversight structure is part of our medium-term structural development. In the interim, external oversight and validation instances are used: notified-body pre-assessments (TÜV SÜD, TÜV Rheinland, Bureau Veritas) and legal opinions on the constitutional compliance of the architecture.
Conflicts of interest
Data protection in research operations
At the current research stage, validation draws exclusively on publicly available recordings of documented incidents. Processing of personal data for training or evaluation will only take place once a research clause under Art. 89 GDPR in conjunction with § 27 BDSG is in place, alongside a documented Data Protection Impact Assessment (DPIA) under Art. 35 GDPR. Annotation schemata are designed so that no biometric features (in particular no facial, gait, or voice features) are recorded.
Alexander Bering, sole proprietorship (DUNS 317163443). Full contact details in the legal notice.
Research data are retained in a traceable manner for at least ten years in accordance with the DFG guidelines on safeguarding good scientific practice. Material that does not serve scientific traceability is deleted or anonymised once the research purpose has been fulfilled.
The rights to access, rectification, erasure, restriction, and data portability under Art. 15–20 GDPR are granted unless restricted under Art. 89(2) GDPR in conjunction with § 27(2) BDSG for the purposes of scientific research. Any such restrictions are documented and justified on a case-by-case basis.
Data processing takes place on servers within the European Union. Third-country transfers do not occur under the current research design. Should processing outside the EU become necessary in the future, it will only take place under standard contractual clauses pursuant to Art. 46 GDPR and following a prior impact assessment.
Ethics inquiries
For inquiries on research ethics, data protection impact assessment, auditing, notified-body pre-assessment, or consortium projects, please get in touch at the address below. We typically respond within ten working days.
Send ethics inquiry →More from this research
Three tracks, one core, a shared ethics foundation.