Memorandum by A A Adams, BSc, MSc, PhD,
LLM, MBCS, CITP School of Systems Engineering
SUMMARY
The move towards networked digital CCTV cameras,
together with the increase in the related data featuring geo-location
information (including electronic payment systems, mobile phone
triangulation and GPS details and embedding of RFID chips) the
role of the Surveillance Commissioners should be expanded and
formal links with the work of the Information Commissioner established.
In particular, following the Durant v FSA decision, there
is an urgent need to clarify the status of stored data which does
not link to an identified individual but for which an identification
link would be relatively easy to establish, by both the legitimate
holders of the data and by those who might gain access to the
data by illicit means.
New Surveillance Protection Principles should
be set forth in administrative guidance from the Surveillance
Commissioners, and updated in line with technological developments,
and should include the following with specific regard to CCTV:
Clear announcement of CCTV recording.
Photographs of operators (but not
names and addresses) available to those surveilled.
Licensing of operators and all others
who have access to control rooms and raw data.
Reasonable levels of security applied
to transfer of images from cameras to control rooms.
Where possible PETs to be implemented
to prevent invasion of privacy.
In addition, the status of video data in criminal
evidence should be made explicit:
Clear rules of evidence to be applied
to all systems suitable for use in possible proceedings.
Disallowance as evidence data from
any camera not subject to appropriate rules.
Clear guidelines for police in requesting
access to both live data and recorded data.
This submission is a shortened version of the
attached appendix (not published), an academic paper published
in the Proceedings of EthiComp 2007.
1. INTRODUCTION
Following the ruling of the Court of Appeal
in Durant v FSA (Durant v FSA [2003] EWCA Civ 1746),
raw video data is no longer regarded as Personal Data. This was
never a suitable definition of such information, although the
current definition that most video surveillance data is not protected
is equally as bad. The current level of surveillance of UK citizens
demands better regulation.
2. WHEN IS
RAW VIDEO
SURVEILLANCE DATA
PERSONAL DATA?
In publicly accessible areas of the UK, video
surveillance is usually lawful provided members of the public
are notified that video surveillance is in operation. Provided
that the organisation carrying out the surveillance is doing so
within the law, the only protection for the surveilled is if the
data is regarded as "Personal Data".
Despite the interpretation of the Data Protection
Commissioner that raw video data constitutes "Personal Data",
there are no well-known instances of Data Subjects making a request
under the Data Protection Act 1998 for copies of all "Personal
Data"held including raw video data. In some circumstance,
such as victims of crime, those accused of crime and those involved
in disputes with the police over possible malfeasance in the execution
of police duties, individual citizens (including police officers)
and law enforcement agencies have requested or required access
to raw video footage.
The final judgement by the Court of Appeal in
the Durant v FSA case changed the interpretation of the
Data Protection Act 1998 radically. The Commissioner's current
advice states [UK 05]:
If you have a very basic CCTV system, its use
may not be covered by the Data Protection Act.
If your system is more advanced and allows you
to zoom in on an individual member of staff whose behaviour is
causing you concern, or you use cameras to monitor the movements
and activities of your workforce, you'll need to inform us.
If a general scene is recorded without an incident
occurring, the pictures are not covered.
It would appear that it is the intent of the
operator(s) of a surveillance system which defines the status
of sections of data in the system. This does not provide a clear
and useful boundary to the definition of status of data in recordings
from surveillance systems.
3. NECESSITY
AND PROPORTIONALITY
PRINCIPLES
In [Ba106], Graeme Gerrard of ACPO states that
he wishes to see "proper regulation of CCTV to protect civil
rights". However, he also would like to see both newly deployed
systems and existing systems required to be "good enough
for their recordings to be commandeered for use as police evidence"
and "more compatible, that makes it easier for the police
to access images". His interest in regulation seems more
oriented towards making all CCTV systems useful and easily available
to the police, rather than in protecting civil liberties. This
pre-supposes that one of the primary purposes of CCTV should be
to allow the police to access images.
In other discussions with UK police CCTV managers,
it has been learned that future deployments of CCTV within, for
example, the British Transport Police's areas will all comprise
digital camera systems with network facilities to allow central
access. In terms of value for money for a force as geographically
spread as the BTP, which has responsibility for policing all of
the UK's national rail infrastructure as well as the London Underground
and (for some bureaucratic reason, various publicly owned underground
car parks in London) this does indeed make sense. However, the
broader the network infrastructure used to carry these images,
the more vulnerable to external access this system becomes. Just
as with the UK ID Card proposals and the NHS electronic patient
records system, security of data on government networks seems
to be something taken for granted without significant resources
being spent on the security engineering.
Suggestions that privately deployed CCTV systems
may be required to have a higher technological standard (which
obviously opens them up to wider abuse of privacy than lower resolution
systems) because they are therefore more use to the police in
investigation and the CPS in prosecution, seems to be an unfunded
mandate. In order to make any use of CCTV technology a company
would then have to pay for it to be usable for police purposes.
Whereas organisations such as banks, subject to the threat of
armed robbery, might do well to heed the advice of police as to
what standard of equipment and processing is needed to ensure
utility in criminal investigation, encouraging or mandating the
update of existing or new systems over all would seem to be a
recipe for increasing risk of privacy invasion without (once again)
a significant study of the actual value this would produce in
crime reduction or "clear-up".
The most worrying aspect of this is the suggestion
that all new systems should be high quality, digital and networked.
It is no large step to assume that the police would then press
for "on- demand" access to both the live feeds and the
recorded imagery for the purposes of manual and automatic tracking
and analysis. However, much as the initial deployment of analogue
CCTV in the UK happened with little public debate [NA99], the
creation of a massive accessible network of high quality digital
CCTV cameras in the UK would also present one of the biggest threats
to individual privacy possible, when combined with the development
of automated tracking, analysis and identification systems in
projects such as REASON (www.reason-cctv.org), ISCAPS (www.iscaps.net)
and AVITrack (www.cvg.rdg.ac.uk/projects/avitrack). The creation
of such an infrastructure without clear explicit regulatory apparatus
would be a grave mistake. Not only should the possible abuse by
legitimate authority be considered, but also the worst case scenarios
of the abuse of such systems by stalkers, crackers and general
busybodies.
So, when considering both policy-level suggestions
such as enforcing private CCTV systems to be higher risks to privacy,
and in regulating licenses for the deployment of public and private
systems, appropriate safeguards should be in place to consider
the necessity and utility of the proposed systems and the potential
costs not only in monetary terms to the public purse and the deployer,
but in the risk to individual privacy that the system entails.
Appropriate levels of security for high quality networked cameras
should be required and their maintenance part of the ongoing licensing
requirements. Appropriate logs of access should always be open
to scrutiny by the appropriate regulatory authority.
4. CONCLUSION
Given the profusion of deployments of CCTV cameras
in the UK and the profound threat to any form of anonymity of
movement that expected further developments of CCTV infrastructure
towards high resolution, colour, digital networked cameras represents,
a law specifically defining the limits of valid CCTV deployment
and use should be brought forward in the UK.
Given the nature of raw CCTV footage as not
sensibly falling within the useful definition of Personal Data
itself, and in the acknowledged utility of CCTV information for
law enforcement purposes (although principally in after the fact
investigation rather than live policing tasks, except in certain
limited deployment scenarios), the principle regulator for CCTV
should be the Office of the Surveillance Commissioners, whose
role and resources should be expanded to provide licensing for
public space CCTV schemes, guidelines on their deployment and
operation and audit of the adherence to these guidelines. The
OSC should, and already does where necessary, work with the Office
of the Information Commissioner [OIC] to ensure that where video
data is significantly processed to the point where it definitely
becomes Personal Data, or where it is linked to other identification
information such as payment or access controls, that both data
protection principles and new Surveillance Protection Principles
are being followed.
These Surveillance Protection Principles should
include:
Clear announcement of CCTV recording.
Photographs of operators (but not
names and addresses) available to those surveilled.
Licensing of operators and all others
who have access to control rooms and raw data.
Reasonable levels of security applied
to transfer of images from cameras to control rooms.
Where possible PETs to be implemented
to prevent invasion of privacy.
In addition, the status of video data in criminal
evidence should be made explicit:
Clear rules of evidence to be applied
to all systems suitable for use in possible proceedings.
Disallowing as evidence, data from
any camera not subject to appropriate rules.
Clear guidelines for police in requesting
access to both live data and recorded data.
ACKNOWLEDGMENTS
This work was supported by the EC (SEC4-PR-013800/ISCAPS)
EPSRC (EP/C533402/1/REASON).
REFERENCES
[Ba106] M Ballard. Home Office to grab for more
CCTV power. www.theregister.co.uk/2006/11/22cctv_powers/accessed
11.01.2007, November 2006.
[NA99] C Norris and G Armstrong. The Maximum Surveillance
Society: The Rise of CCTV. Berg, Oxford, 1999.
[UK 05] UK Information Commissioner. Obligations
towards CCTV Systems. www.ico.gov.uk/Home/for_organisations/topic_specific_guides/cctv.aspx
accessed.
January 2007
|