Preserving Privacy in Video Analytics Solutions in Smarter Cities

Author: Neil Lappage, Chief Information Security Officer
Date Published: 2 July 2020

Video analytics in smarter cities poses a challenge for security and privacy professionals who must preserve the privacy of the public while balancing their organization’s desire to use the information it generates. As with all analytics, these goals compete. With a carefully thought-out approach, however, value can be derived and privacy preserved without taking on additional risk.

The rise of video analytics in smarter cities enables local government to gain insight into the movement of pedestrians, bicycles and scooters, with the objective of improving the operation and efficiency of central business districts and surrounding areas. The technology is increasingly used because it offers significant benefits over alternatives such as Bluetooth beaconing, which cannot reliably distinguish between different types of moving object.

In addition to internal use, the insights generated by video analytics solutions can also be published by local government to open data platforms for consumption by other government entities or enterprises.

To capture video for analytical purposes, cameras can either be mounted on smart poles or video streams can be taken from existing surveillance systems. Mounting cameras on smart poles is a popular approach because the cameras are dedicated to smarter-city purposes and the poles already host a range of sensors and other features.

An alternative to cameras on smart poles is to analyze footage from surveillance systems or from cameras on waste trucks. However, this often presents challenges, since such systems are frequently run by third parties or isolated from corporate infrastructure, so the organization may not control how the footage is captured, retained or secured.

To gain insights from cameras, video is streamed to an analytics solution that classifies each moving object as a pedestrian, bicycle or scooter. These systems are hosted either with the camera, for example on a smart pole, or in the cloud, where streams from multiple cameras are analyzed together. An emerging alternative is edge analytics, where the software is embedded in the camera itself; being in its infancy, its use is currently limited compared with a fully fledged video analytics platform. Each hosting option changes where raw frames exist and who can reach them, which is what the privacy controls below have to account for.

Where feasible, compliance with privacy legislation can be achieved by not collecting personal information in the first place, which takes the solution out of scope of the legislative requirements altogether.

There are a couple of approaches to avoiding the collection of personal information. The most cost-effective is to process the video stream in memory rather than writing it to disk, so that no footage is retained. Another is to obfuscate faces, for example by blurring or pixelating them, as a de-identification technique; to be effective, this must happen before any frame is stored, forwarded or displayed, because an unobfuscated copy anywhere in the pipeline defeats the purpose. In both cases, advice should be sought from a privacy professional to confirm that legislative requirements are met, since legal definitions of collection and processing vary by jurisdiction.
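The following is an added illustration of both approaches, not code from the article or from any product it describes. It models a counting pipeline in plain Python: frames are held only in memory, face regions are pixelated before a frame can leave the process, and the only record that survives is an aggregate count per class. The frames, the detector and its face boxes are constructed stand-ins for a real model's output.

```python
"""Added example (not the article's own code): count pedestrians, bicycles and
scooters while retaining no personal information.

- Frames are processed in memory and never written to disk.
- Face regions reported by the (hypothetical) detector are pixelated before a
  frame is forwarded anywhere, e.g. to an operator's monitor.
- The only persistent output is a dictionary of per-class counts.
"""
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Optional, Tuple

Frame = List[List[int]]          # grayscale frame: rows of 0-255 pixel values
Box = Tuple[int, int, int, int]  # (x, y, width, height) in pixels


@dataclass
class Detection:
    """One object as reported by a hypothetical detector (assumed interface)."""
    label: str                  # "pedestrian", "bicycle" or "scooter"
    face: Optional[Box] = None  # face region to de-identify, if any


def pixelate(frame: Frame, box: Box, block: int = 4) -> Frame:
    """Return a copy of `frame` with `box` replaced by block-averaged squares.

    Every pixel in a block receives the block's mean value, so the detail that
    was inside the box cannot be reconstructed from the output. The input frame
    is left untouched; the caller decides which copy may leave the process.
    """
    out = [row[:] for row in frame]
    x, y, w, h = box
    y_end, x_end = min(y + h, len(frame)), min(x + w, len(frame[0]))
    for by in range(y, y_end, block):
        for bx in range(x, x_end, block):
            rows = range(by, min(by + block, y_end))
            cols = range(bx, min(bx + block, x_end))
            vals = [frame[r][c] for r in rows for c in cols]
            mean = sum(vals) // len(vals)
            for r in rows:
                for c in cols:
                    out[r][c] = mean
    return out


def process_stream(frames: Iterable[Frame],
                   detect: Callable[[Frame], List[Detection]],
                   forward: Callable[[Frame], None]) -> Dict[str, int]:
    """Count objects per class while holding each frame only in memory.

    `forward` is the single exit for pixel data (for example a live operator
    view); it only ever receives a frame whose face regions are pixelated.
    The returned record contains counts alone, so that is all that persists.
    """
    counts: Counter = Counter()
    for frame in frames:
        detections = detect(frame)
        counts.update(d.label for d in detections)
        safe = frame
        for d in detections:
            if d.face is not None:
                safe = pixelate(safe, d.face)
        forward(safe)
        # `frame` and `safe` go out of scope here; nothing touches disk.
    return dict(counts)


# --- constructed sample data (not real footage or a real model) ------------
def sample_frame(seed: int, size: int = 16) -> Frame:
    """Deterministic 16x16 'frame' whose pixel at (r, c) is seed*31 + r*16 + c."""
    return [[(seed * 31 + r * 16 + c) % 256 for c in range(size)] for r in range(size)]


def sample_detector(frame: Frame) -> List[Detection]:
    """Stand-in detector: decides what it 'sees' from the frame's first pixel."""
    first = frame[0][0]
    if first % 3 == 0:
        return [Detection("pedestrian", face=(4, 4, 8, 8)), Detection("bicycle")]
    if first % 3 == 1:
        return [Detection("scooter")]
    return []


def demo() -> Dict[str, int]:
    """Run six constructed frames through the pipeline; returns counts only."""
    forwarded: List[Frame] = []
    return process_stream((sample_frame(s) for s in range(6)),
                          sample_detector, forwarded.append)


if __name__ == "__main__":
    print(demo())
```

The point to check in a real deployment is the same one the `forward` callback makes explicit here: enumerate every path by which pixels can leave the analytics process (monitors, debug dumps, crash reports, model-retraining exports) and confirm that de-identification sits in front of each of them.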

Special consideration should also be given to the interaction between collecting personal information and law enforcement. If cameras retain footage, law enforcement may approach the organization to request it, which places an additional burden on the business. For example, footage that is requested by law enforcement may need to be retained for longer than the normal retention period.

In some cases, compliance can be achieved by collecting video at a quality low enough that a person could not reasonably be identified. However, a degraded stream also degrades detection: the analytics may produce more false positives and the resulting counts may be inaccurate, so the chosen resolution should be validated against the accuracy the use case requires.

If organizations do collect personal information, it is imperative that controls are implemented to ensure its ongoing confidentiality. This often starts with a collection notice that informs the public that video is being captured and for what analytical purpose.

From here, security and privacy professionals need to translate “privacy by design” into software engineering. Using a blend of controls such as encryption in transit (for example, TLS on the stream between camera and analytics platform), encryption at rest for any stored footage or derived data, and access control, solutions can be secured to reduce the risk of unauthorized access.

Specific consideration should be given to the access control applied to live camera feeds, so that internal teams and third parties can access a video stream only on a “need to know” basis and with the principle of least privilege applied: each party gets only the specific cameras, and only the live feed or the derived counts, that its task requires, with third-party access time-bounded and every access decision logged.
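The following is an added example of what that access model looks like as code; it is not from the article or any product. It is a deny-by-default policy for stream and count resources: the analytics service can read every live feed but no recordings, planners see only derived counts, and a contractor gets one camera's live feed until a fixed date. Principal names, camera identifiers and the resource naming scheme are assumptions.

```python
"""Added example (not the article's own code): deny-by-default, least-privilege
access to camera streams and derived data, with an audit trail.

Resource names follow an assumed scheme:
  camera/<id>/live        the live feed
  camera/<id>/recording   stored footage, if any exists
  counts/<id>             de-identified per-class counts
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Optional, Sequence


@dataclass(frozen=True)
class Grant:
    """One explicit permission. Anything not covered by a Grant is denied."""
    principal: str                      # service account or team (assumed names)
    resource: str                       # resource pattern, '*' = one path segment
    action: str                         # "read" or "export"
    purpose: str                        # why the access exists; recorded on every use
    expires: Optional[datetime] = None  # hard expiry, used for third-party access


def _matches(pattern: str, resource: str) -> bool:
    """Segment-wise match; '*' matches exactly one segment, never a whole suffix."""
    p, r = pattern.split("/"), resource.split("/")
    return len(p) == len(r) and all(a == "*" or a == b for a, b in zip(p, r))


def at(iso: str) -> datetime:
    """Parse an ISO-8601 timestamp with offset, e.g. '2020-07-15T00:00:00+00:00'."""
    return datetime.fromisoformat(iso)


class StreamAccessPolicy:
    def __init__(self, grants: Sequence[Grant]) -> None:
        self._grants = list(grants)
        self.audit: List[Dict[str, object]] = []  # every decision, allow or deny

    def check(self, principal: str, resource: str, action: str,
              now: Optional[datetime] = None) -> bool:
        """Allow only if an unexpired Grant covers this exact principal/action
        and the resource matches its pattern; log the decision either way."""
        now = now or datetime.now(timezone.utc)
        grant = next((g for g in self._grants
                      if g.principal == principal and g.action == action
                      and _matches(g.resource, resource)
                      and (g.expires is None or now < g.expires)), None)
        self.audit.append({"at": now.isoformat(), "principal": principal,
                           "resource": resource, "action": action,
                           "allowed": grant is not None,
                           "purpose": grant.purpose if grant else None})
        return grant is not None


# Constructed policy: assumed principals and camera ids, not from the article.
POLICY = StreamAccessPolicy([
    # The analytics platform needs every live feed but never stored footage.
    Grant("svc-analytics", "camera/*/live", "read", "pedestrian/bicycle/scooter counting"),
    # Internal planners only ever see derived counts, never pixels.
    Grant("team-transport-planning", "counts/*", "read", "CBD movement reporting"),
    # A third party gets one camera's live feed, for one task, until a fixed date.
    Grant("contractor-calibration", "camera/pole-07/live", "read", "camera calibration",
          expires=at("2020-07-31T00:00:00+00:00")),
])

if __name__ == "__main__":
    print(POLICY.check("svc-analytics", "camera/pole-07/live", "read"))        # True
    print(POLICY.check("svc-analytics", "camera/pole-07/recording", "read"))   # False
    print(POLICY.audit[-1])
```

Two design choices carry the security weight: there is no "allow all" path, so a new camera or a new resource type is unreachable until someone writes a grant for it, and the audit record captures the stated purpose, which is what a privacy reviewer will ask for when checking that access matched the collection notice.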

In larger organizations, Privacy Impact Assessments (PIAs) can be used to help the business better understand the privacy impacts of the data collected and processed by the solution. Because video analytics is a relatively new technology, PIAs also serve privacy and security professionals as a vehicle for guidance and awareness.

For example, businesses can gain an understanding of their responsibilities when collecting personal information, and of the impact of using personal information for purposes other than those for which it was collected. This is a common problem in data warehousing scenarios, where large volumes of data are collected without the necessary rigor in place.

It is important that organizations formulate a policy on the use of video analytics early on, to ensure that compliance is achieved, controls are standardized and the organization ultimately benefits from its investment. Video analytics is a prime example of where security architecture and risk professionals need to apply privacy by design, so that unauthorized access does not lead to financial loss and reputational damage.

Editor’s note: For further privacy resources, find out about ISACA’s new technical privacy certification, the Certified Data Privacy Solutions Engineer (CDPSE) credential.