The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Importantly, the GDPR also applies to companies outside the EU, who have customers in the EU i.e. a US-based website, with EU customers.
But this short post isn’t about the GDPR. Instead, as Intel positions herself as a company that enables and drives computer vision and video analytics solutions…
Here are a few security and privacy tips from the GDPR, for use cases that involve video feeds:
- Video feeds should not be stored in original form:
- May be stored encrypted – in that case we’re not obligated to inform all people recorded on the video about a breach
- Video features (faces, mostly) allowing for identification should be blurred/whited out – in that case we don’t only eliminate the need of breach notification, but also the need of providing fragments of videos where a person is identifiable to that person (as per the “right of access” GDPR article).
- Places that have cameras mounted should be clearly marked and provide information about how the data is used
As you must’ve noticed, the tips above are useful even for systems that do not need to be GDPR compliant.
Extra Resources:
- https://gdpr-info.eu/
- https://www.enisa.europa.eu/publications/recommendations-on-european-data-protection-certification
- https://netwatchsystem.com/blog/cctv-gdpr-data-protection/
Subscribe
If you enjoyed this article, you can subscribe to receive our newsletter via email.
