Towards a Trustworthy Privacy in Pervasive Video Surveillance Systems

Towards a Trustworthy Privacy

in Pervasive Video Surveillance Systemsin Pervasive Video Surveillance Systems

Antoni Martínez-Ballesté, Hatem A. Rashwan, Domènec Puig, Antonia Paniza

Universitat Rovira i VirgiliUniversitat de les Illes Balears

Content

�UNESCO Chair in Data Privacy

�Privacy in Video Surveillance

�Trustworthy ICT?

Towards a Trustworthy Privacy in Pervasive Video Surveillance Systems

�(I) Technology: algorithms and platform

�(II) Law enforcement

�(III) User collaboration

�Discussion

Content



�Trustworthy ICT?





�Discussion

UNESCO Chair in Data Privacy

�Universal Declaration of Human Rights (1948)

– “No one shall be subjected to arbitrary interference with

his privacy, family, home or correspondence, nor to

attacks upon his honour and reputation. Everyone has

the right to the protection of the law against such


the right to the protection of the law against such

interference or attacks”

�Data privacy technologies are about technically

enforcing the above right in the information society


�Unfortunately…

– Lack of awareness of the population on the existing

privacy threats (profiling, tracking, etc.)

– Large companies and the “Big Brother” effect


– Large companies and the “Big Brother” effect

– Lack of comprehensive legislation


�Chair aims and goals

– Promote the adoption of privacy-preserving

technologies by governments and private sectors

(telecoms, banks, etc.)


– Raise the public awareness of the need and the right to

preserve the privacy of the individuals

– Promote cross-national research on privacy technologies

�We are mainly focused on technologies

Content



�Trustworthy ICT?





�Discussion

Privacy in Video Surveillance

�Example scenario

Preprocessingsurveillance

camera


Video Processing Module

Information System

Trusted Manager

Identification

Contentprotection

User

Security Management Module


�Pervasive technology scenario


Information System

Identification

Contentprotection

Preprocessing


surveillance camera


Information System

Identification

Contentprotection

User

Preprocessing


surveillance camera


Identification

Contentprotection


camera


Trusted Manager

User


Information System

Trusted Manager

Identification

Contentprotection

User

Preprocessing


surveillance camera

Trusted Manager


Information System

Trusted Manager

Identification

Contentprotection

User

Preprocessing


surveillance camera


Information System

Trusted Manager

Identification

Contentprotection

User

Preprocessing


surveillance camera

Information System

Trusted Manager

protection

User



�Typical “privacy” technologies in VS

– Face/people detection

– Blurring/Encryption

�But…


�But…

– Are people notified they are being recorded?

– Is the access to the raw/encrypted data correctly

managed?

– Do the video processing techniques really ensure privacy

of individuals?

Content



�Trustworthy ICT?





�Discussion

Trustworthy ICT?

�The goal of VS is security

�Security vs privacy...

– Is people happy while being monitored?

– Does people feel safe while being under surveillance?


– Does people feel safe while being under surveillance?

Trustworthy ICT?

�Is technology reliable?

– “The degree to which a trustor has a justifiable belief

that the trustee will provide the expected function or

service”


�Technology problems? Owner misbehaviors?

– Are individuals protected by the law? Lack of legislation

can certainly slow down the social acceptance of ICT

�Social acceptance vs. User collaboration

– Web 2.0 trust is based on collaboration of users

Content



�Trustworthy ICT?





�Discussion

(I) Technology: algorithms and platform

�Trusted Platform Module chips

– Can be used to build a plethora of trustable devices

– For instance, trustworthy cameras

– But they could be hacked...


– But they could be hacked...


Information System

Identification

Contentprotection


camera


�In the case of VS, computer vision techniques...

– Must work in real time. If the technique needs some

temporary storage of the raw video, a security leak of

the information system can compromise the privacy of

the individuals.


the individuals.

– Must perform well in terms of accuracy. (i) Must detect

ALL the ROIs (e.g. Faces). (ii) Should not need human

supervision.


�Fortunately...

– There are techniques to detect ROIs in realtime

– And capable of detecting them correctly!

�But...


�But...

– Camera conditions are essential: fixed cameras, good

illumination conditions, etc.

– Some of the literature does not tackle these issues!

– Some of the proposals blur ROIs in the pixel domain and

raw video is stored and accessible to authorized users.


�The platform must fulfil some properties, namely

– Confidentiality, authenticity, integrity

– Security Access

Symmetric



Information System

Trusted Manager

User


Symmetric

Encryption

Public Key

Cryptography

Trusted Certification

Authorities

Secure Logging

Content



�Trustworthy ICT?





�Discussion

Law enforcement

�Directive 95/46/EC on the protection of individuals

with regard to the processing of personal data and

on the free movement of such data

– Any information relating to an identified or identifiable


– Any information relating to an identified or identifiable

natural person can be seen as personal data

– A picture can be considered personal data if it allows

identification of individuals

Law enforcement

�Spanish legislation

– Surveillance must be advertised

– The owner must take the necessary precautions to

ensure the safety of the images and prevent alteration,


ensure the safety of the images and prevent alteration,

loss or unauthorized access

– Data cannot be released to third parties

Does the owner

behave properly?

Law enforcement

�A trust score for VS

High trust. ROIs are

hidden, no supervision /

High trust + notification

In case of identification

IMAGE PROTECTION DATA ACCESS


No trust. ROIs are not

hidden

No trust. Anyone can

access the original data

Low trust. ROIs are hidden,

but human supervision is

needed / no real time

Low trust. Only

authorized users can

access ALL THE DATA

hidden, no supervision /

no real time High trust. Anyone accesses

the protected data, auhorized

users access original data.

Law enforcement


IMAGE PROTECTION LOW

DATA ACCESS HIGH

Data is protected and sent to SECURITAS. Original data is only available to police.

Content



�Trustworthy ICT?





�Discussion

User collaboration

�User collaboration is natural in state-of-art internet

services:

– Collaborative recommendation systems

– Collaborative privacy techniques: Instead of trusting a


– Collaborative privacy techniques: Instead of trusting a

third party, users collaborate to gain privacy.

�It is interesting that users are informed upon being

recorded by VS systems

User collaboration

�Smartphone and web application

surveillance camera

Tag


User Application

Server

Web interface

Database

web browser

TagValidate

Inform

User collaboration

�Smartphone and web application


DISCUSSION
