The Smart Cities project is a transnational partnership funded by Interreg that aims to further the development of e-services and e-government by municipalities across the North Sea Region [NSR].
[See more on the project's aims here ]. The project partners are working in a broad range of areas, including customer profiling, developing the wireless city, and developing customer services and service platforms.
The goal of the project is to develop successful best-practice pilots whose methodologies are transferrable and whose approaches can be mainstreamed by municipalities across the NSR. This requires project partners to develop transnational solutions, i.e. methodologies and approaches that are not country-specific, but which can be rolled out in other countries in the NSR.
As part of this effort, local partners are looking at designing personalised and customised services for citizens and in using customer profiling to better design/target/evaluate services.
Partners may wish to use a broad range of both personal/individual and aggregate/community data for personalisation and profiling, including:
 personal data submitted via websites
 personal data held in existing municipal databases
 community profiles generated from data on individuals that is held in municipal databases[e.g. characteristics of library users]
 community profiles generated from existing government datasets [e.g. percentage of adults on benefits, census data]
 community profiles purchased from 3rd parties etc. [e.g. Mosaic Global]
There are clearly privacy implications in the collection and use of personal data, and there have been questions within the partnership about the conditions under which municipalities can develop community profiles, and to whether there are any legal constraints to customer and community profiling in the NSR.
At the same time, Freedom of Information (FOI) laws mean that it is not possible to treat all data contain as confidential (even if it contains some personal details), and the practice on information openness varies considerably between member States.

Produce a report which clarifies how municipalities in the NSR are able a] to use data to provide personalised services through different service channels and b] to use data to develop user and community profiles. The report should identify what all NSR municipalities are required/able to do, and identify additional issues on privacy and data protection in each of the NSR countries.
Privacy
 set out the legal frameworks that govern how municipalities may use/re-use personal information
 set out the legal frameworks that govern how municipalities may use/re-use personal information when designing/delivering personalised services
Customer profiling
 identify what, if any, legal frameworks govern the creation or use of citizen or community profiles by municipalities in the NSR
 clarify what, if any, restrictions there are on municipalities in the NSR who wish to develop citizen/community profiles using data from provided by citizens
 clarify what, if any, restrictions there are on municipalities in the NSR who wish to develop citizen/community profiles by re-using using data that has already been collected by the municipality from citizens
 clarify what, if any, restrictions there are on municipalities in the NSR who wish to develop citizen/community profiles using data from external sources [national governments, private sector etc.
The final report should cover the existing data protection and privacy laws in the NSR, and set out the legal frameworks, standards and codes of practice that municipalities in the NSR need to follow when collecting, storing, processing and using citizen's data, and setting out the ways that any conflicts between data protection and freedom of information practices are resolved.
The report needs to provide a series of clear comparative outputs that identify where a] NSR countries follow similar rules governing privacy and data sharing and b] areas where rules vary or are otherwise inconsistent, ideally with references to case studies of good and bad practice. Establishing a baseline of what is permitted across the NSR is a key foundation for efforts to mainstream the lessons from Smart Cities pilots transnationally.
The report would be expected to be based on previously published work – no original research would be required. The work does not need to examine the legal frameworks for data protection and privacy outside the NSR. The work is not required to provide a historical overview of
privacy/data protection laws in the NSR.
The report is not expected to be more than 16 pages long. A draft of the report should be submitted by the end of September 2009, with the final report received by the end of October 2009.
Page 2 of 3

Interested parties will be asked to submit a brief expression of interest. This should set out:
 an appreciation of the issues set out in the brief
 an outline of expected outputs and timelines
 a brief outline of the relevant skills and experience of staff, including publications
 costings, including day rates for all staff
Expressions of interest should be submitted in writing by August 14th 2009 to:
Dave Fitch
Smart Cities Project Manager
The Forum
Bankhead Crossway North
Edinburgh EH11 4BP
Expressions of interest will be evaluated by the SCRAN funding committee.
Page 3 of 3