
CryptoCam: Privacy Conscious Open Circuit Television - adulau
https://arxiv.org/abs/2004.08602
======
mattlutze
A lot of this proposal is interesting, but the proposed invention is really
concerning. The proposed CryptoCam (section 5) in particular ignores the
privacy rights of recorded individuals in an attempt to offer greater access
to recorded footage.

Section 5, the proposed CryptoCam, is to me the most concerning. The proposed
solution would use location-awareness communicated from a recording subject's
digital proxy in order to collect encryption keys to later access footage that
they may have been a subject in.

This gives a person access to:

1\. The biometric information of private individuals, based only on their
proximity to those individuals (faces are incredibly sensitive information)
2\. Any intellectual property or sensitive information that may have been
visible during the period that they passed through a space.

Someone intending to perform an illicit activity need only wander through a
space and receive the exact perspectives and resolutions of existing cameras
in order to summarily defeat the protective capabilities of that video
surveillance deployment.

There's so many new ways a system like this can be abused, and the proposed
setup doesn't reduce any existing abuse vectors.

2 additional concerns:

There exists with video surveillance today an understanding that one or more
agent is watching, recording or analysing footage, and that footage may exist
for some period of time. Benefits of video surveillance may include deterring
illicit activities, particularly when the location and perspective of cameras
is generally but not specifically known.

3.2 suggests a framework for access, but I do not, at first read, understand a
change being proposed from what is currently industry standard practice;
access to recorded footage is generally need-based and restrictive.

3.3.1 suggests new mechanisms for exposing some of this information (active vs
passive monitoring, whether recording exists). I mention it above but the
partial Panopticon effect is one of the main reasons video surveillance has a
deterring effect.

~~~
mattlutze
The real benefit inspired by the authors might be in a logging scheme for
moving in surveilled spaces. When I pass through a bounded space, my tracker
app gets a log of the camera whose space I moved through. If you wanted to
request the footage you’d have a 2-party confirmed list of cameras and times
to request, reducing impact of a request and potentially increasing East of
compliance.

This would be difficult still without fine-detail geographic bounding via
maybe Bluetooth and likely very expensive to retrofit into existing systems,
but would also still protect other private individuals’ privacy and security.
Released footage could still be masked, for example, and access and use
encouraged to be more directly audited.

------
galacticaactual
A valiant though experiment. But the value in CCTV exists IN the latent
information asymmetry between watcher and watched. No operator is going to
voluntarily subjugate that.

------
6510
I think the watchers are more trust worthy than uhhh random devices in
proximity.

I would like to see a request for data be logged along with a description of
an offense. An international government committee with at least 1 randomly
rotated member from each foreign country each of which has the key. (there is
no key inside the country) If just one deems it necessary the footage is made
available to either local law enforcement, a judge or a citizen who has
legitimate reason to review it. If no offense is found nothing is released. If
the choice is sufficiently dubious the reviewer is reviewed and replaced.
(plenty of people with eyes)

That way we can have tons of cameras without all the paranoia.

------
amelius
For anyone wondering how this works, the TL;DR is in figure 1.

> Fig. 1. Footage is recorded, encrypted and uploaded to a cloud storage
> provider. Encryption keys are distributed to phone-based listening clients
> nearby. Phone clients later retrieve encrypted footage from the cloud and
> decrypt the contents usingthe key previously provided locally, then the
> footage can be played on the device.

------
wobbly99
So it's cloud stored localized panopticon?

