i-PRO Shares Privacy Tips for International Data Privacy Day 2024

i-PRO Co., Ltd. (formerly Panasonic security) a global leader in professional security solutions for surveillance and public safety, today shared tips on protecting the privacy of data captured from video surveillance systems. According to the United Nations Conference on Trade and Development, 137 out of 194 countries have put in place legislation to secure the protection of data and privacy. This trend is expected to accelerate this year as legislation is introduced around the ethical use of AI.

“Privacy by design is a core tenet of i-PRO’s business philosophy. Recognizing Data Privacy Day on January 28th is a great reminder that data privacy needs to be top of mind whether you are an end-user, integrator, or manufacturer of physical security systems,” said Hiroshi (Huey) Sekiguchi, CMO, i-PRO Co., Ltd.

As more data privacy laws go into effect around the world, organizations that have not properly protected sensitive data risk significant fines in addition to a potential erosion of trust with employees and customers. Some best practices for ensuring video surveillance systems meet or exceed data privacy standards include:

Prioritize privacy by design

Protecting data privacy can’t be an add-on feature. Look for manufacturers that consider privacy in their designs from conceptualization. A key part of any design should make it easy for integrators and end users to comply with regulations as they continue to evolve. The demands may vary widely across different geographies. Make sure any solution you choose has the flexibility to adapt. Ensure your system providers’ partners are properly certified so there is no weak point in the chain.

Find a balance between privacy and effectiveness

People need to know they are protected, but not to a point where they are uncomfortable with how their personal identifiable information might be used or viewed. Transparency builds trust. Organizations should consider displaying redacted streams that mask the faces of individuals in public view monitors that both employees and customers can see. An application such as i-PRO’s AI Privacy Guard, for example, automatically masks the face or body of individuals within the camera, enabling both redacted and non-redacted output streams. Non-redacted streams should be viewable only by authorized personnel. Taking these sorts of steps demonstate that although surveillance is taking place, individual privacy is actively being respected.

Have a privacy code of conduct

Put in place a code of conduct for your organization that includes a reference to your data privacy policies. Familiarize yourself with data privacy laws and regulations relevant to your region, such as GDPR in Europe, CCPA in California, or other local legislation. Ensure your systems and policies are compliant. Train staff thoroughly and repeatedly on data privacy policies and practices. They should understand the importance of protecting personal data and know how to do so in their daily work. Be transparent about data collection practices, informing individuals about what data is being collected, why it is being collected, and how it will be used.

Educate stakeholders on the differences between AI, analytics, and facial recognition

People often confuse AI with analytics, but they're distinct. AI is used in the video industry to enhance analytics and analysis capabilities, such as detecting humans and vehicles. Analytics, on the other hand, typically refers to the process of analyzing what a detected object is doing. For video security systems, it’s essential to understand that the descriptive metadata an AI-based camera captures is composed of anonymous data about the humans they detect. Most importantly, AI does not equal facial recognition. Facial recognition is a specific, focused function which has distinct privacy implications, while most AI implementations do not. And while facial recognition might be improved with some AI-based techniques, facial recognition has had its own separate evolution distinct from AI.

Encrypt data in transit and at rest Encrypting video data, both in transit and at rest, is crucial for maintaining data confidentiality and integrity. For data in transit, common methods include TLS/SSL encryption. Used by HTTPS, this encrypts the data between the client and the server to ensure video data cannot be easily intercepted by unauthorized parties. Secure real-time transport protocol (SRTP) is another widely supported method to encrypt video and audio streams. For data at rest (storage), methods include the advanced encryption standard (AES) or similar algorithms. Many cloud storage providers offer built-in encryption for data at rest which includes both server-side and client-side encryption. Proper key management is crucial for both types of encryption. Keep security systems, including software and hardware, up to date. Regular updates and patches protect against vulnerabilities that could be exploited to access data.

Limit access to sensitive data and store only information that is required

Grant access to data only to those who require it as part of their job. Review access rights regularly so privileges align with user requirements. Use a service such as Microsoft Active Directory to automate the addition/deletion of user accounts to help reduce human error when managing rights and privileges, or when removing users who are no longer with the company. Manage and control data that is no longer required to reduce risk in the event of a breach. Make sure your data retention policy follows any necessary regulations for your organization and either archive or dispose of it securely when it's no longer needed.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3