We're Watching

Why we must design privacy protections into our systems

The National Science and Technology Council (NSTC) was established by Presidential Executive Order 12881 on November 23, 1993. This Cabinet-level Council is the principal means for the President to coordinate science, space, and technology across the diverse parts of the Federal research and development enterprise. The President chairs the NSTC. The NSTC has an Interagency Working Group on Biometrics, which has established a Social/Legal/Privacy Subgroup to develop and provide resources that enable federal agencies, and others, to better integrate social/legal/privacy analysis throughout a biometric system life cycle. In a presentation for the 2004 Biometric Consortium Conference, Peter Sand, the director of privacy technology at the U.S. Department of Homeland Security, stated that with regard to biometrics, the social/legal/privacy aspects are ever changing (laws, values, public perceptions, etc.) and that a "one-size-fits-all" privacy analysis for a specific technology or application is not possible. Instead, each application requires focusing on the questions and issues at hand in an individual analysis.

IT and HR Integration
Due to legislation like Sarbanes-Oxley and SB1386, IT departments are undertaking massive programs to revise their database designs to incorporate privacy and governance attributes that can be used to identify the data records and data fields that are subject to legislative requirements. This will allow rules-based management of data systems to accomplish compliance with legislation, including providing audit trail evidence that all data has been accessed in accordance with the restrictions and policies that apply. Even if only for their self-protection, security systems integrators and their customers need to be aware of what data their systems "touch" when they perform integrations to HR or IT systems, especially if they import data into the security systems. Just because the data is not subject to restrictions at the time of integration doesn't mean that it will always remain that way.
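The following sketch shows field-level governance attributes driving rules-based access with an audit trail, including a field that was unrestricted at integration time and is restricted later. It is an added example, not from the article; the field names, tags, roles and rules are all constructed assumptions.

```python
from datetime import datetime, timezone

# Constructed governance tags per imported HR field (hypothetical names).
# An empty set means "no restriction known at integration time".
field_tags = {
    "employee_id": set(),
    "name": {"personal"},
    "home_address": {"personal"},
    "bank_account": {"personal", "financial"},
    "badge_photo": set(),
}

# Constructed rule set: which tags each role is cleared to read.
role_clearance = {
    "guard": set(),
    "security_admin": {"personal"},
    "payroll": {"personal", "financial"},
}

audit_trail = []  # append-only record of every access decision


def read_record(user, role, record, tags=field_tags):
    """Return only the fields the role may read; log every decision."""
    cleared = role_clearance.get(role, set())
    visible = {}
    for field, value in record.items():
        # Fields with no classification entry are denied (fail closed).
        required = tags.get(field, {"unclassified"})
        allowed = required <= cleared
        audit_trail.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "user": user, "role": role, "field": field,
            "tags": sorted(required), "allowed": allowed,
        })
        if allowed:
            visible[field] = value
    return visible


def reclassify(field, new_tags, tags=field_tags):
    """Apply a later policy change to a field that was already imported."""
    tags[field] = set(new_tags)


# Constructed sample record as imported from an HR system.
sample = {"employee_id": "E-1001", "name": "A. Example",
          "home_address": "1 Sample St", "bank_account": "XX-0000",
          "badge_photo": "photo-1001.jpg", "shoe_size": "9"}
```

Calling `reclassify("badge_photo", {"biometric"})` after the import changes what `read_record` returns for every role without touching the stored data, and the audit trail records both the earlier permitted reads and the later denials.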

Common Cards
Where smart cards are used for both security and financial applications, care should be taken that identifiers used in the security systems are not the same identifiers used for financial transactions, or the security system data may also be subject to legislation-based privacy restrictions. This is an issue that warrants close examination given the import of current and pending legislation.

Video Surveillance Systems
When video systems are made available for operations use, especially when IP-based systems are placed on the corporate business network, security management may lose control over who can access the systems and for what purpose. The security planning for the deployment of video systems should include a privacy evaluation element. Systems integrators must be prepared to address privacy issues in their recommendations for system deployment.

Privacy with regard to both video and data systems was a topic discussed in several sessions at a recent educational conference produced by the Kansas City Chapter of ASIS International, "When Worlds Collide: The Physical/Logical Security Dilemma." (This author was honored to be one of the conference speakers.) This was an event in which honest facts replaced hype, and practical experience replaced theorizing. In this author's experience, that kind of value is rare when it comes to convergence issue coverage.

One of the conference presenters was Charlie Pierce, widely regarded as the foremost authority in CCTV training and design, and the president and founder of LeapFrog Training & Consulting. A 30-year security industry veteran, Pierce is known throughout the world for his dedication to the CCTV security industry.

An example of the candor typical of the Kansas City conference was Charlie Pierce's closing remarks in his session about IP-based cameras. "Twenty years ago, you could go about your daily business, to work and back, shopping, and maybe out to a restaurant, and your image might be recorded by a camera perhaps once every two or three months. Ten years ago, that was once every two or three days. Five years ago, it was two to five times a day. Today it's eight to 12 times per day. In five years, it is projected that you will be recorded from 25 to 50 times per day. And we [security practitioners] are the ones who are doing it."

Charlie's concluding message: "Please, when you are designing your systems ... stay professional. Remember, more times than not, shutting and locking the door is the best approach. Cameras have their positions, but privacy is the greatest thing that we have and we are giving it up camera by camera by camera."

In addition to general advice, the LeapFrog Training & Consulting Web site contains specific suggestions with regard to the problem of keeping a security officer from using a pan-tilt-zoom camera in ways that violate privacy, including the use of privacy blocking or privacy zone features of some CCTV systems.