No. 69: Bringing you the news that matters in video privacy and security

Emerging technologies present vast opportunities, but their swift evolution poses regulatory challenges. The need for comprehensive regulation is clear, yet enforcement frequently encounters legal loopholes and jurisdictional hurdles.

Take Clearview AI's recent court case: despite concerns over their vast facial image database, a tribunal overturned the ICO's fine due to jurisdictional nuances. The UK regulator could not adjudicate how a foreign entity uses British citizens' data. This underscores the challenge of applying national regulations to entities operating in a global digital ecosystem.

In Scotland, concerns surrounding Police Scotland's cloud-based evidence-sharing system highlight the complexities of data sovereignty in an interconnected world. It is hosted on a US-based cloud infrastructure, which brings to light the very real risk of exposing sensitive biometric data of Scottish citizens to potential access under the US Cloud Act.

Meanwhile, the ICO is pressing employers on the ethical implications of workplace monitoring and tracking employees, as remote work continues to blur the boundaries of professional and personal environments. As AI tools rapidly weave into workspaces, clear guidelines are essential to balance organisational needs with individual rights.

As technology continues to progress, it's imperative for regulators and stakeholders to evolve in tandem. Regulatory frameworks must keep pace: to ensure growth doesn't compromise data rights and safety, and enforcement is properly carried out with the help of necessary guidance and supplementary measures. 

As always, please send any feedback or topics of interest you would like to be covered.

Seena, Editor

News

Clearview AI overturns UK fine on facial recognition database 

Facial recognition company Clearview AI, known for amassing billions of facial images from public internet sources, successfully appealed a £7.5 million fine imposed by the UK ICO. A tribunal determined the ICO didn't have jurisdiction for the fine since Clearview's system was only used by law enforcement agencies outside the UK.

The Independent: Facial recognition firm Clearview AI overturns UK data privacy fine

BBC News: Face search company Clearview AI overturns UK privacy fine

California moves to strengthen privacy over in-vehicle camera data

The California Assembly has approved legislation that would alert drivers when in-vehicle cameras collect images and prohibit their sale for advertising or to third parties. The bill seeks to enhance consumer control over personal data.

Bloomberg News: California Adopts New Privacy Law for In-Vehicle Cameras

Government Technology: California Progresses In-Vehicle Camera Privacy Measure

Scottish Biometrics Commissioner raises concerns over police's cloud-based system

The Scottish Biometrics Commissioner has expressed concerns over Police Scotland's use of a cloud-based digital evidence-sharing system hosted on Microsoft Azure. The system, which stores sensitive biometric data and could give access to it to US corporations, was flagged as possibly illegal due to the US Cloud Act.

Biometric Update: Watchdog cries foul over Scotland Police biometrics-sharing pilot storing data in US

Computer Weekly: Scottish biometrics watchdog outlines police cloud concerns

UK ICO issues guidelines on employee monitoring amid rising privacy concerns 

The ICO has released guidelines advising employers on the legal and ethical considerations of monitoring employees, either in-office or remotely. The guidelines emphasise balancing the need to monitor employee performance with respecting their privacy. 

The ICO: Employment practices and data protection − Monitoring workers

The National Law Review: UK Information Commissioner Publishes New Guidance on Employee Monitoring

Kensington and Chelsea council trials surveillance software

Kensington and Chelsea Council confirmed its trial use of US surveillance software Fusus on two estates to ensure resident safety by analysing CCTV images. However, concerns were raised about the potential for treating residents as suspects.

BBC News: Kensington and Chelsea Council admits using AI-led surveillance software

My London: West London council admits using US surveillance software with concerns it is 'step up' on CCTV

AI Snippet of the Week

AI chatbots could aid in planning biological attacks

A study by a US think tank revealed that AI models, specifically large language models (LLMs), could potentially assist in planning a biological attack. The findings emphasise the need for stringent AI model testing.

The Guardian: AI chatbots could help plan bioweapon attacks, report finds

RAND: The Operational Risks of AI in Large-Scale Biological Attacks

Policy Updates

California passes Delete Act 

California Governor Gavin Newsom has signed the Delete Act, enabling Californians to request data brokers to either delete their personal data or prohibit its sale with a single request. The law targets companies with significant revenue from data sales and includes stringent intervals and audit checks.

The Verge: California’s newest law will make it easier to delete personal online data

The Guardian: Californians can scrub personal info sold to advertisers with first-in-US law

To subscribe to our fortnightly newsletter, please click here

Thanks for reading, if you have any suggestions for topics or content that you want to see covered in future please drop a note to: info@secureredact.co.uk