CCTV and the Privacy Dilemma: Part 2

INDIA: Now that the dilemma between technology's potential to help and its equally strong potential to intrude, has been established, may be a look at how other nations are coping up with the challenge may offer some hints.

Caution Areas

In the Surveillance Camera Commissioner Annual Report 2013/14 in UK, the use of CCTV in domestic environments as a concern amongst the public and a high generator of complaints across various agencies was addressed with a strong thrust.

Tony Porter, Surveillance Camera Commissioner, had outlined well, “It has been brought to our attention that the application of the PoFA Code (Surveillance Camera Code of Practice) is not consistent throughout all relevant authorities. We have been made aware of instances where some traffic enforcement officers, often utilizing the same cameras as those used to deliver crime and disorder reduction strategies; do not deliver the same level of compliance to the PoFA Code. ”

The report mentioned how the use of surveillance camera systems within domestic environments continues to grow and how the upsurge in domestic use is directly responsible for an increase in complaints around their use and that’s where the Commissioner intended to engage and issue guidance to manufacturers, retailers, installers and users to address core concerns.

Body-worn Video (BWV), Unmanned Aerial Vehicles (UAVs)/ drones and Automatic Facial Recognition (AFR) were also discussed. The most interesting part was where he said this, “However, my single biggest challenge for now will be voluntary adoption. I will be speaking to universities, residential social landlords, retail centres and others about voluntarily adopting the PoFA Code.”

Voluntary adoption and some responsible stance at using a strong technology are always the better ways out for fighting intrusion concerns.

The Information Commissioner’s Office (ICO) had issued its first code of practice under the Data Protection Act 1998 (DPA) covering the use of CCTV in 2000. In subsequent updates it admitted that the world has moved away from CCTV simply being a camera on top of a pole in our local town centre where the images were recorded on to video tapes, to much more sophisticated operations using digital and increasingly portable technology.

It said in a 2014 report that surveillance cameras are no longer a passive technology that only records and retains images, but is now a proactive one that can be used to identify people of interest and keep detailed records of people’s activities, such as with Automatic Number Plate Recognition (ANPR) cameras. “The use of surveillance cameras in this way has aroused public concern due to the technology no longer being used solely to keep people and their property safe, but increasingly being used to collect evidence to inform other decisions, such as the eligibility of a child to attend a school in a particular area. The unwarranted use of CCTV and other forms of surveillance cameras has led to a strengthening of the regulatory landscape through the passing of the Protection of Freedoms Act (POFA).” It mentioned.

What is more interesting to note is that this code provides good practice advice for those involved in operating CCTV and other surveillance camera devices that view or record individuals, and covers other information that relates to individuals.

Here are a few leaves that we can glean from the recommendations that the code brilliantly laid out:

• Using surveillance systems can be privacy intrusive. You should therefore carefully consider whether or not to use a surveillance system.

• The fact that it is possible, affordable or has public support should not be the justification for processing personal data. You should also take into account the nature of the problem you are seeking to address; whether a surveillance system would be a justified and an effective solution, whether better solutions exist, what effect its use may have on individuals, and whether in the light of this, its use is a proportionate response to the problem.

• If you are already using a surveillance system, you should regularly evaluate whether it is necessary and proportionate to continue using it. Example- Cars in a car park are frequently damaged and broken in to at night. Consider whether improved lighting would reduce the problem more effectively than CCTV.

The code also talks about areas of looking after the recorded material and using the information:

• Recorded material should be stored in a way that maintains the integrity of the information.

• To do this you need to carefully choose how the information is held and recorded, and ensure that access is restricted.

• You will also need to ensure that the information is secure and where necessary, encrypted. Encryption can provide an effective means to prevent unauthorised access to images processed in a surveillance system.

• Where encryption is not appropriate, for example, if it may have an effect on the information that you are choosing to process, then other appropriate methods should be employed to ensure the safety and security of information.

• If you are going to be collecting and retaining a large amount of information, for example video footage from BWV cameras, then you may wish to store the data using a cloud computing system. You will need to ensure that this system is secure.

• You may wish to keep a record or audit trail showing how the information must be handled if it is likely to be used as evidence in court. Finally, once there is no reason to retain the recorded information, it should be deleted.

Now something about recommended operational and technical standards. Ask yourself some questions:

• How practicable is it to take copies of a recording off your system when requested by a law enforcement agency?

• Can this be done without interrupting the operation of the system?

• Can it be provided in a suitable format without losing image quality or time and date information?

• How can you ensure that information complies with designated standards?

• Will they find your recorded information straightforward to use?

• What will you do when recorded material needs to be taken away for further examination?

The most important part that becomes worthy of a note, specially after Trial room debacles that haven surfaced in India:

• Viewing of live images on monitors should usually be restricted to the operator and any other authorised person where it is necessary for them to see it, for example to monitor congestion for health and safety purposes, unless the monitor displays a scene which is also in plain sight from the monitor location.

• If you have set up a live streaming camera available to the public so that they can, for example, assess which route to take on their journey to work based on the level of congestion, you should ensure that it is appropriately zoomed out so that individuals cannot be identified.If individuals can be identified then this will need to be justified and shown to be necessary and proportionate. Recorded images should also be viewed in a restricted area, such as a designated secure office.

• The monitoring or viewing of images from areas where an individual would have an expectation of privacy should be restricted to authorised personnel.

• Where images are in an area of particular sensitivity, such as a changing room, it may be more appropriate to only view recorded images after an incident has occurred.

• Are your monitors correctly sited taking into account the images that are displayed?

• Is your monitor viewing area appropriate and secure?

• Where necessary, is access limited to authorised people?

• Does real time monitoring need to take place?

Yes, CCTV usage will only continue to grow. According to a latest annual Centre for Retail Research (CRR) survey into the use of CCTV in retail (commissioned by Axis Communications, over 60 per cent of UK retailers are planning to adopt network IP in the next three years and nearly a third have adopted it already, up from a quarter in 2012.Of the 20,350 stores it studied, 92.8 per cent were using CCTV and of these, 32.1 per cent had already upgraded to network IP technology – representing a 2.5 per cent rise in take up from the previous year's figures.This trend was even more pronounced across the wider northern European region, with 58.5 per cent (weighted average) of analogue users planning to switch to network IP.

The potential is enormous but so are the risks and responsibilities that come along.

There is no harm in using surveillance technology for the edge it brings to your vertical but you don’t always need lawmakers to tell you what’s the right and fair way to go about it.

Or do you need some angry neighbor to tell that too?