As video surveillance systems generate large amounts of personal data, it’s crucial to implement data minimization and pseudonymization strategies to meet the requirements of the General Data Protection Regulation (”GDPR”) and safeguard the privacy of individuals. In this blog post, we’ll take a closer look at data minimization and pseudonymization and explain how intenseye applies these techniques in data processing practices in order to provide a balance between safety and privacy.
As we explained in one of our previous blog posts, data minimization is one of the seven general principles relating to the processing of personal data under the GDPR. The data minimization principle requires that organizations should only collect and retain the minimum amount of personal data necessary for a specific purpose. This principle is particularly important when it comes to video surveillance, where the collection and storage of large amounts of personal data can raise serious privacy concerns.
One way to minimize the collection and storage of personal data in video surveillance is through the use of pseudonymization techniques.
As per Article 4 of the GDPR, pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Data pseudonymization is an obligation as stated in Article 25 of the GDPR: The controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organizational measures, such as pseudonymization, which are designed to implement data-protection principles.
When dealing with video surveillance systems, data pseudonymization might occur by obscuring individuals’ faces in order to make them unidentifiable from the video. One such technique is the use of face blur algorithms, which can obscure the identities of individuals in video footage. These algorithms work by automatically detecting and blurring out the faces of individuals captured in video surveillance footage, effectively protecting their privacy.
💡 Face blurring in both alert evidence images and videos is applied by default at Intenseye. Intenseye never recognizes individuals but detects unsafe acts which may result in serious injuries or even fatalities in high-risk areas already covered with existing video surveillance systems and security cameras in production facilities. The face blurring feature is a standard action for all video data and cannot be undone even upon requests from our customers. Intenseye Research Team also works on a broader and deeper Data Pseudonymization technique which is going to remove the whole personally identifable indicators from the collected frames and videos. Stay tuned for upcoming articles on our blog to hear about the cutting edge AI that Intenseye implements to protect privacy of individuals.
💡 The video data is not recorded at Intenseye for 24/7, as well. If Intenseye does not detect any unsafe act or behavior in the analyzed frame, the data is not stored and it is disposed immediately. Intenseye collects data only if it serves to a purpose, and the data collection purposes are communicated with our customers transparently along with the collected data types. This architecture serves the data minimization principle of GDPR.
Using face-blurring mechanisms in video surveillance systems can be an effective tool for data minimization and pseudonymization. They provide a balance between protecting personal data and ensuring the security and safety of the area being monitored.
Don’t miss out – the next blog in our series, which is written by intenseye Technical Solutions Manager Alex Dumitrescu, will shed light on Storage Limitations and Data Retention.