Mass Surveillance

Home Office CCTV: free mass surveillance?

The Home Office has for several years run a programme to supply Mosques, temples and Synagogues with security equipment including CCTV cameras. This has recently been extended with more than £117m allocated for mosques, Muslim faith schools and community centres. This follows a £70m package for Jewish groups. The CCTV camera systems are installed through a single vendor, chosen by the Home Office, called Esotec Ltd.

The problem with cloud-based storage

While the details of the Esotec systems are not known, it is common for CCTV systems to include cloud based storage of footage. The reasons are obvious, not least that the files are large, and management can be more easily done by a third party, for instance deleting files after a fixed period.

Cloud-based storage opens up the potential for secretive surveillance powers to be used without the end user’s knowledge. In short, it creates the possibility for the security services such as MI5 to bulk seize camera footage across all sites without the knowledge of the CCTV system owners.

There are safeguards provided in the Investigatory Powers Act 2016 (IPA): bulk supply of data to the security agencies would require a warrant, and the purposes would be limited for instance to matters of serious crime and national security. However, whether these safeguards would prevent the seizure or abuse of any data that is seized is a matter for debate.

At this point, we want to draw attention to the possibility that cloud stored CCTV data could be seized, and to ask for greater transparency over the operation of this Home Office scheme. In particular, potential participants looking at the scheme should consider if they would want this possibility to exist in systems they may install, and whether they should ensure local rather than cloud storage of any footage collected.

These concerns are exacerbated by the acquisition of Esotec in 2021 by a US company, Johnson Controls Inc. Esotec’s privacy policy is now that of Johnson Controls and can be found here, which notes the possibility of data seizures under the US FISA s 702. Among other items we would want to know is the way that data is retained and for how long, information which the policy explains is contained in “product specific” data sheets.

Legal powers for secret surveillance

When CCTV is stored and contains personal data it must be stored securely and can only be used for specific purposes. These are normally defined in GDPR and the Data Protection Act. Warrants, and production orders for footage would be available to the police, subject to conditions.

Bulk data set powers, however, are only available to the intelligence agencies, and not to the police. The arrangements and conditions are described in Part 6 of the IPA. Such warrants are subject to approval by judicial commissioners. Some bulk data sets can be acquired commercially or supplied voluntarily but conditions nevertheless also apply. (Some revisions are being considered in the current Investigatory Powers Amendment Bill now in the House of Lords.)

Obtaining this type of data without the knowledge of the owner or vendor would require an Equipment Interference warrant under Part 5 IPA or Part 6 Chapter 3. Here too double-lock approval by judicial commissioners is required.

The criteria for obtaining bulk datasets are for the purposes of preventing or detecting serious crime or the economic well-being of the UK in so far as such are relevant to the interests of national security.

How bulk CCTV footage may be used

Analysis of CCTV footage is becoming easier over time, thanks to pattern recognition and learning technologies, often called ‘Artificial Intelligence’. It is possible to try to recognise individuals from the way they walk, facial recogition, clothing, and so on. While these have limitations, these reduce as definition increases. The likely purposes of analysing CCTV in this way could include identifying where persons of interest attend, and to establish social maps of contacts and other people who appear to be associated with a person of interest. Having large amounts of data available therefore increases the value of the material to the intelligence agencies.

While the criteria for using bulk datasets should in theory offer safeguards, agencies can find themselves under political and institutional pressure to produce results which lead to mistakes.

A trust risk

The seizure of CCTV data from this Home Office scheme would constitute the mass surveillance of people at a place of worship, merely for attending that place of worship. We may hope that this would be taken into account in production of a warrant allowing the data to be seized, but it is not clear that it would prevent a warrant from being issued. It is also not possible for the government to credibly rule out such seizures, as the powers are exercised in secret, and governments change quite regularly. The possibility of a deeply damaging breach of trust are therefore significant. This increases the need for transparency from the Home Office, but also highlights the dangers of the bulk data powers that the government has awarded itself, and the potential limitations of oversight.

Retention and oversight

If data was seized by security agencies, it would be important to know how long it was kept for and what the justification is. This would be part of the discussion made with judges issuing warrants. It should also be something discussed with parliamentary oversight bodies. A further concern is that retention periods requested by agencies are likely to be long or indefinite, which changes the nature of its use. A Technical Advisory Board assesses the risks when warrants are requested. As time goes on and machine learning (artificial intelligence) techniques improve, the intrusiveness of the uses the data retained can be put to increases.

Oversight of agencies and police use of CCTV is becoming more difficult, which would be a problem if, for instance, police were to collect any data from Estotec. The current DPDI Bill will allow police databases containing CCTV images collected for ANPR or other general purposes to be simply repurposed for national security purposes and redeployed, beyond the sight of the ICO. Meanwhile, the Biometric and CCTV Commissioner is also to be abolished. It is unclear if any oversight for such repurposed data will exist in practice.

What you can do

  • If you already have one of the Esotec systems installed, you can get it touch and send us details of the system. In particular, we would like to know if it is always cloud based, locally stored, or if there are options that can be configured by the system owner
  • If you are considering using the Home Office scheme with Esotec, please ask for details of their data storage options, and if you are able, supply details of these to us at ORG.
  • If you have been considering using the Home Office scheme, or attend a place of worship where Home Office funded CCTV has been installed, please raise these concerns with the relevant decision makers.
  • Ask for clarity on this scheme from the Home Office by writing to your MP. They can ask the Home Office to explain how the system works, if it is cloud based or if it can store footage locally, and in what circumstances powers under the IP Act might be exercised.