What Is The Impact Of Privacy Concerns On Physical Security?
12 Jul 2021
Adoption of General Data Protection Regulation (GDPR) by the European Union in 2016 set a new standard for data privacy. But adherence to GDPR is only one element, among many privacy concerns sweeping the global security community and leaving almost no product category untouched, from access control to video to biometrics.
Because privacy concerns are more prevalent than ever, we asked this week’s Expert Panel Roundtable: What is the impact on the physical security market?
Every time a cyber-attack or data breach is announced, people lose a little more faith in the IT industry’s ability to protect their privacy and assets. With constant ransomware attacks in the news, it’s no longer ‘if’, but ‘when’ the next attack will occur. For the professional security market, this is a key topic between vendors and corporate customers who cannot risk damage to their brand. In an IoT, IP-based world, every single device that is put on the network must be properly protected. Customers have become increasingly cyber-aware and they want assurances regarding a product’s cyber worthiness. Features like auto-masking to protect privacy are increasingly requested. The most successful security solutions are those designed with privacy in mind. Enterprises need to wisely choose solution providers who design with a ‘security first’ mindset and properly address privacy rights.
Personal data, no matter its form, has historically played a part in privacy concerns. But in the past three years, since the inception of the GDPR legislation, organizations have changed, enduring in their efforts to protect sensitive data as privacy concerns have become more prevalent than ever. With that, organizational policies have changed. Data handlers now realize that confidential personal and commercial information presents a huge risk to organizations – whether in cyber or physical form. Shredding devices have become the first line of defense for physical data forms. For one, sensitive data is instantly recognizable on paper. It is also portable, easy to copy or scan and therefore just as dangerous as electronic data in the wrong hands. And now, with hybrid working scenarios in the mix, we may see an accelerated impact on the physical security market – with home offices providing further risks to the security of physical data.
There are measures in place to protect the privacy of individuals, such as GDPR, but the problem we face is that criminals and hostile actors can and do act anonymously or dishonestly online, to connect with people who have access to sensitive data. Often the human factor is the weak link in security, if we fail to prepare the whole team for potential dangers of attackers looking to win their confidence. There is a significant need to create awareness across personnel in our businesses, and in the general public, to be more careful and circumspect, when we are approached seemingly innocently via social media and the like. Physical security systems are well placed to protect people’s privacy, the encryption used to secure credentials equally protects personal information. However, these solutions are only as secure as the weakest link in the chain, human beings that are also custodians of this information.
Privacy has always been a primary concern for our industry, especially as the deployment of video security technologies has increased at pace over recent decades. Privacy is a critical element in gaining the trust of people and for broader acceptance of CCTV systems across society as a force for good, rather than the negative perception of ‘Big Brother’ that can sometimes prevail. Video storage has often been the area of most concern, in terms of privacy. In this regard, video security technologies and procedures must provide clear standards for storage retention and access, as well as the conditions under which video footage can be retrieved and used. The importance of this has been further highlighted with the introduction of GDPR. Above all else, transparency is the key.
As privacy concerns remain present in organization's minds, the demand for physical security systems, such as access control, is only increasing. However, it is vital that organisations understand the rules and data surrounding these systems, before implementing them to keep their infrastructure and employees safe. One of the biggest security concerns for access control systems is network breaches by unauthorized users. When a company chooses a physical security system to protect its infrastructure, personal data such as name, age, and sometimes, even biometrics are collected and analyzed by the system. Because of the amount of information that is collected, physical security manufacturers must create products that make it easy to adhere to the proper rules and regulations set in place (such as GDPR) and offer extensive training to their end-user customers, in order to foster a successful usage of their security solution.
Security dealers and end user customers are reaching out to us, to address the needs of security, while not infringing on privacy. Today, security is needed everywhere. However, facial recognition pushback and highly publicized invasion of privacy events have renewed the concerns over the use of cameras, video and audio recordings. Our shift to sensor technology as an add-on to camera and VMS solutions provides data-driven event-based alerting that maintains privacy, while keeping people safe. This security strategy is becoming widely accepted for use in bathrooms, locker rooms, patient rooms, residential complexes, classrooms, private offices, etc. and quickly addresses those original customer privacy concerns.
Privacy protection regulations are becoming more effective on a global scale. Various regions have adopted different methods, but the common denominator is the protection of individual privacy. This requires a lot of guidelines on how security and safety systems are handling privacy and personal data. These rules seek to regulate what data can be processed by security systems, and how that data is handled, stored and maintain. The way that systems handle personal data is becoming a higher criterion for operations in the security industry. Most major vendors are adapting the methodology for handing personal data to comply with major laws such as GDPR, although privacy law differs from country to country and even city to city. This seems to indicate that the long-term impacts from privacy regulations have yet to be realized, particularly in the areas of video surveillance and analytics technologies such as facial recognition.
Privacy is becoming a catalyst for innovation across all sectors of the physical industry because it is a fundamental human need. At Genetec, we believe that organizations should never have to choose between protecting the privacy of individuals and their physical security. Privacy should always be the default option, rather than the other way round. Responsible vendors should provide the necessary tools for security professionals to gather and manage data responsibly, particularly video, while supporting compliance with privacy laws around the world. To that effect, forward-thinking and ethical developers are embracing Privacy by Design methodologies. This involves proactively embedding privacy into the design and operation of IT systems, networked infrastructure, and business practices from the first line of code to the third-party vendors selected for partnership and integration.
Since GDPR has been implemented in the European Union, U.S.-based companies are learning a lot from the regulations being enforced in the realm of data privacy. Additionally, it is critically important for U.S. companies to be able to adhere to the rules guiding how data is collected and shared about EU citizens. When a company implements a physical security system, such as access control, a lot of personal information is collected and analyzed for various purposes. While the majority of the data being shared is controlled by the company using the system, there are some elements that can come back to the integrator or even the manufacturer, like in the case of the organization implementing a managed cloud-based solution. Therefore, manufacturers need to be mindful of their product's capabilities and make it easy and streamlined for end-user companies to adhere to the data sharing and privacy regulations in place.
Cyber security and privacy go hand-in-hand. When hackers are successful, often it is private data that is exploited and sold. And while Europe made significant strides with GDPR, other countries, such as the United States, still have more to do in implementing regulations that adequately protect the privacy rights of individuals. It is imperative that product development address privacy concerns from the outset in any video security design and implementation. Beyond masking areas that should not be seen, best practices should include an audit trail detailing of what operators have been viewing. Everyone must be accountable for their actions, when using these powerful tools. Privacy rights and cyber security are increasingly driving decision-making for security customers, as the big tech companies continually grapple with the topic in the headlines. There should be no reason for a customer to compromise privacy for security.
Whether protecting personal data to comply with GDPR or managing CCTV usage to avoid a perception of ‘Big Brother’, privacy is a primary concern for anyone in the physical security industry. As one Expert Panelist comments, security and privacy should not be a choice: Both can – and must – coexist proactively and responsibly to everyone's benefit. With cyber security attacks prominent in our daily news feeds, awareness has never been higher, and the negative impact of cyber-attacks on privacy should always be kept in mind.
Hanwha Techwin America products
Hanwha Techwin America news
Hanwha Techwin, a global supplier of IP and analog video surveillance solutions launched Wisenet Road AI, a powerful new line of Automatic License Plate Recognition (ALPR) cameras that feature Make, Model, and Color Recognition (MMCR) to identify vehicles using AI technology. The cameras, together with a powerful edge-based application, support real-time viewing, event monitoring, forensic search, and a range of widgets and graphs that display daily/weekly/monthly traffic statistics. Road...
The Security Industry Association (SIA) names Gabrielle Shea – Public Policy Manager, government relations and public policy at NEC Corporation of America – as the 2021 recipient of the SIA Industry Advocate Award, which recognizes leadership in public policy. Shea will be presented with the award on September 21 at Part 3 of the 2021 SIA GovSummit, SIA’s annual public policy and government security technology conference. The SIA Industry Advocate Award – formerly the SI...
“Deep learning” is recently among the more prevalent jargon in the physical security industry, and for good reason. The potential benefits of this subset of artificial intelligence (AI) are vast, and those benefits are only now beginning to be understood and realised. But how can we separate the marketing hype from reality? How can we differentiate between future potential and the current state of the art? To clarify the latest on this new technology, we asked this week’s Exper...
Hanwha Techwin America case studies
Hanwha Techwin America, a global supplier of IP and analog video surveillance solutions, has announced that Army and Navy Academy, a college preparatory military boarding school in California, has upgraded its security infrastructure with Hanwha security cameras. Located on a 23-acre beach-front property, the Army and Navy Academy is home to more than 300 students and employs more than 140 faculty and staff members. Two-fold surveillance upgrade According to Jeffrey Gibson, a system with anal...
Recently, Planet Fitness, with the help of their preferred system integrator Adirondack Direct, incorporated a video surveillance solution from Hanwha Techwin and Genetec that not only enhances security, but also improves operations. When leadership evaluated security at their 70-plus corporate run locations a few years ago, they chose to incorporate a video surveillance solution that would address security needs and would be advanced enough to help with management and operations. Each of...
Protecting assets and people has always been a top priority for Kirkland’s, a global home décor retailer. With over 400 stores in 37 states, Kirkland’s is a go-to spot for a broad selection of distinctive merchandise: art, mirrors, candles, lamps, frames, accent rugs, furniture and more. When they evaluated their security solutions in 2016, they determined they needed to upgrade the analog video surveillance systems in use at their existing locations and plan for new stores....
Hanwha Techwin America white papers
Hanwha Techwin America virtual events
- Next Wave Of SoCs Will Turbocharge Camera Capabilities At The Edge
- Baltimore Is The Latest U.S. City To Target Facial Recognition Technology
- ASSA ABLOY Opening Solutions Embraces BIM To Smooth Specification And Installation Of Door Security Solutions
- Open Options Paves the Way for New Customers in Access Control
- Getting To Know Dan Grimm, VP And General Manager Of Computer Vision At RealNetworks
- Big Wins And The Importance Of Showing Up: Insights From SecurityInformed.com Editor Larry Anderson
- Setting Goals, Business Travels And Radioactivity: Success Secrets From Tiandy's John Van Den Elzen
- Getting To Know Jeff Burgess, President/CEO At BCDVideo