Massive quantities of data are collected and assessed every day by security systems around the world. Just imagine the amounts of information gathered by the likes of video surveillance and access control systems. From license plate numbers collected by real-time traffic cameras to biometric data scanned when one enters a high-security facility, all kinds of personal and revealing information is stored and assessed by standard security systems.
While sophisticated, modern technology has made this information and data collection a seamless process for businesses, government bodies, and law enforcement alike, personal security concerns abound. In a recent piece for Security Magazine, Florian Matusek, Video Analytics group lead at Genetec, Inc., delves into the push and pull between the need to obtain this important data while balancing very real and pressing concerns from people who have valid questions over how this often sensitive personal data is being used.
Matusek cites the 2022 Consumer Privacy Survey from Cisco, in which 75% of participants said “they wouldn’t buy from a company they don’t trust with their data.” The survey also showed that more than 80% of those respondents reported that just how a company handles this data is a clear sign of how that “organization views and respects its customers.”
In this era when more data is being collected than ever, can personal privacy be respected? Matusek writes that the answer is a decided “yes.”
In the article, Matusek cites the well-respected “Privacy by Design” framework, which was devised by Dr. Ann Cavoukian, Ontario’s Privacy and Information Commissioner. This set of principles prompts security officials to collect and hold onto “only the information needed,” while also limiting widespread access to the most sensitive data.
“For example, modern ALPR systems typically store only the ‘read value’ of a license plate. They don’t store the image of the plate itself and may offer the option to store information only if a plate matches with a hotlist,” Matusek explains. “Having encryption built in is also an example of privacy by design. Captured data is automatically encrypted. Only operators with the correct credentials can view it. Some companies have a ‘four eyes’ principle, requiring two people to provide credentials to access the information.”
Essentially, this framework is really an important state of mind and guiding philosophy that should be adhered to by any business or organization that relies on personal data to keep a company, its employees, and its assets secure.
For the full article, head here.