The importance of regulatory change as big data and surveillance merge

Posted March 14th, 2017 by Paul Sandford

Surveillance camera code of practice - a guide to the 12 principlesToday sees the launch of the national surveillance camera strategy for England and Wales, headed up by Tony Porter, the government’s Surveillance Camera Commissioner.

The three year strategy is a welcome step forward but it also comes with a stark warning from Mr. Porter, the government’s CCTV watchdog, who is concerned that regulators and the government were struggling to keep up with the pace of technological change.

What most worries me is the impact of big data and integration of video surveillance… I’m worried about overt surveillance becoming much more invasive because it is linked to everything else.

Tony Porter – Surveillance Camera Commissioner

The new strategy acknowledges that most people currently support the use of CCTV in public places but the Commissioner’s concerns are whether this support can continue because of the way surveillance is changing. As technology advances and converges, the possibilities for its use are expanding at breakneck speed and there are undoubtedly some cases where it’s been invaluable – such as drones helping the police solve crimes and hunt for missing people but, it’s also creating problems with privacy.

As the collection of big data merges with the proliferation of video surveillance, the overt use of CCTV, drones and body worn cameras could become more invasive than was first intended. As images of people are captured and potentially compared against other monitored data about individuals and their movements, it potentially signals the potential for an invasion of privacy on a mass scale.

Guiding principles

This is why at NW Security Group, we feel regulatory change is incredibly important. We agree with Mr. Porter’s 12 guiding principles published in the Surveillance camera code of practice, and we think this should not only be applied by public space operators but also within companies and other organisations.

Plus, we also like to emphasise that the organisation should apply best practice methods to protect the captured and recorded data as well as the system’s devices from hack attempts. We think Mr. Porter should make this a 13th principle, in line with General Data Protection Regulation (GDPR), to ensure the security of the vast amount of personal data that is being kept within those systems.

For those that need to brush up on compliance, here are the 12 principles from the Surveillance camera code of practice.

  1. Use of a surveillance camera system must always be for a specified purpose which
    is in pursuit of a legitimate aim and necessary to meet an identified pressing need.

  2. The use of a surveillance camera system must take into account its effect on
    individuals and their privacy, with regular reviews to ensure its use remains justified.

  3. There must be as much transparency in the use of a surveillance camera system as
    possible, including a published contact point for access to information and complaints.

  4. There must be clear responsibility and accountability for all surveillance camera
    system activities including images and information collected, held and used.

  5. Clear rules, policies and procedures must be in place before a surveillance camera
    system is used, and these must be communicated to all who need to comply with them.

  6. No more images and information should be stored than that which is strictly required
    for the stated purpose of a surveillance camera system, and such images and
    information should be deleted once their purposes have been discharged.

  7. Access to retained images and information should be restricted and there must be
    clearly defined rules on who can gain access and for what purpose such access is
    granted; the disclosure of images and information should only take place when it is
    necessary for such a purpose or for law enforcement purposes.

  8. Surveillance camera system operators should consider any approved operational,
    technical and competency standards relevant to a system and its purpose and work
    to meet and maintain those standards.

  9. Surveillance camera system images and information should be subject to appropriate
    security measures to safeguard against unauthorised access and use.

  10. There should be effective review and audit mechanisms to ensure legal
    requirements, policies and standards are complied with in practice, and regular
    reports should be published.

  11. When the use of a surveillance camera system is in pursuit of a legitimate aim, and
    there is a pressing need for its use, it should then be used in the most effective way
    to support public safety and law enforcement with the aim of processing images and
    information of evidential value.

  12. Any information used to support a surveillance camera system which compares
    against a reference database for matching purposes should be accurate and kept up
    to date.

Leave a Reply

Your email address will not be published. Required fields are marked *