Implementation of a GDPR compliant Video Surveillance System

Honeywell is not just adding privacy and data protection controls to existing systems and applications but is building privacy and data protection requirements and controls into the core development architecture and functionality of its products and solutions.

Honeywell in order to protect privacy throughout the whole life cyrcle of new products and solutions has set up a set up a separate privacy impact assessment process and focused on the development of new features to protect personal data processed by its products and solutions, based on the latest AI and IT technologies.

Before implementing a video surveillance system you have to be ware of GDPR regulation, rights and obligations under GDPR and DDPR definitions that will help you to choosing the proper legal ground for lawful processing of all data processing activities and implementing the GDPR principles.

In this connection Data Controller* should first assess the main data protection requirements for a video surveillance application before implementing the system:

This assessment should cover the key areas such as:

• Defining the purpose of the envisaged data processing operation
• Choosing the correct legal ground to process the personal data concerned
• Defining the minimum set of necessary data to be processed
• Setting retention periods
• Support for the data subjects* rights
• Implementing privacy-by-design
• Keeping a record of the concerned data processing activity
• Conducting a Security risk assessment
• Evaluating third-party risks
• Appoint a DPO if the video surveillance system includes systematic monitoring of publicly accessible area.

A data controller can ensure that video surveillance system is GDPR compliant when working with Honeywell equipment.

Some of Honeywell’s offerings has available IT Security Techniques the Pseudonymization and Anonymization. More specifically some IP solutions includes ‘people blurring’ and ‘people pixelization’ and capabilities to support the principle of privacy by design.

In this type of application the video system blurs people’s faces in live-view to reserve privacy during the normal course of events. If there is a legitimate reason to reveal people’s identity the video play back can be seen in the original format with ‘4-eye’ dual authentication.

The ‘4-eye’ dual authentication control mechanism id designed to achieve a high level of data prodection and security for especially critical operations. Under this mechanism all playback of the video in the original format requires the presence of two authorised people from two different groups. This type of control mechanism helps to ensure the privacy of individuals, especially during investigations  

End users need to address these rights to by informing their staff, visitors, customers and other impacted parties through appropriate signage and prior notification – in order to ensure that all concerned individuals are aware that video footage is being taken in a particular area.

And users also needs to set up a procedure to deal with and manage any type of access request. If the images recorded by on the video system needs to be provided it needs first to be checked whether other individuals are visible in the footage. If so, in the future they can be blurred or made unrecognizable by pixilation through the Honeywell footage redaction solutions.

When data subjects request access to their personal data, the smart search feature can help to quickly locate the video clips in response to the data subject’s request. for example, the smart search feature allows data controllers to search a person’s relevant appearances across multiplecamera recordings by using a face photo or a snapshot and find all relevant video clips for the specific person automatically.

Any personal data collected by a video surveillance system should be processed in a fair and lawful way, thus cctv systems should only collect personal data that is adequate and relevant for reducing privacy intrusions.

Honeywell offers three types of record: Continuous Recording, Event Recording, Scheduled Recording

• Using an appropriate mixture of continuous, event recording and scheduled recording provides the data controller with the ability to minimize the processing and storage of unnecessary personal data, and be compliant with the data minimization principle.

• Event based recording, where there is only recording upon an intrusion (for example in perimeter protection applications), is very clearly following an approach which is based on both the legitimate purpose and data minimization principles.

Log management:  With Honeywell IP video solutions, the end user is able to keep a record of any data processing operation performed within the system and to safely store these so-called ‘log files’ with encryption (in order to prevent any breach of sensitive information). Log files also contain personal data. Consequently, all GDPR requirements also apply to any log file.

Account management: Honeywell IP video solutions provide adaptability to different environments empowering organizations to choose which user or group of users can have access to and manage different profiles. As part of their system set-up process, the end user needs to define appropriate levels of access to the system for different users or user groups. Honeywell solutions then enable the controller to easily grant users the appropriate level of permission to view, access, search, export, delete, or make corrections (as required).

Verification procedures: Within Honeywell IP video solutions, user account and password information are kept secure using appropriate encryption and pseudo-random technologies. In some solutions, like MAXPRO VMS, end users can also deploy Honeywell four-eye password settings as an extra level of security to determine the legitimacy of log-ins, and keep personal data safe.

Access management: The end users can set up the system so that they get notification if there has been an attempted access by a non-authorized account (user). In addition, Honeywell solutions require authentication for the export of data from SD cards in cameras, as well as from the core network or digital video recorders.

Technical Security Measures 

Secure Data Transmission: Honeywell uses the HTTPS protocol to provide bidirectional, encrypted communication between devices and systems. For products without HTTPS encryption capability, care should be taken to avoid use in untrusted networks, or to install them behind firewalls to mitigate potential risks. Honeywell also offers password protection on RTSP and video streaming over TCP TLS to ensure data security.

Data Encryprion:  Honeywell leverages the Advanced Encryption Standards (AES) specification to protect IP communications

Crypto Chipset: Amongst its range of IP video solutions, Honeywell offers cameras with hardware-based ultra-secure key storage to ensure that a product with the consumables it uses, firmware it runs, accessories that support it, and the network nodes it connects to, are not cloned, counterfeited, or tampered with. With the Crypto Chipset, attackers cannot see the secret keys that are stored in the protected hardware. This helps to prevent third-party attacks, and data breaches – ensuring the confidentiality and integrity of the data.

Data Retention

The basic data retention rule is that data cannot be longer kept than is necessary for the purposes for which this data is processed

In general, the national camera surveillance laws foresee a legal retention period, which typically is around 30 days. If you believe that you need to retain video data for longer, then you should first check whether this is legal and if so, document for which purpose, how long and the (business) rationale for this.

End users can set retention limits when setting up the system to ensure best practice. They can also remove recorded files automatically based on storage duration settings.

 _{* Data Controller: is the natural or legal person, public authority, agency or another body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. (Article 4, GDPR). Most end users of security systems will be data controllers under this definition.}

_{Source: Honeywell  GDPR AND ELECTRONIC SECURITY SYSTEMS 2018 Wite Paper}