Video surveillance is an omnipresent phenomenon in today’s metropolitan life. Mainly intended to be used as evidence for solving crimes, to register crimes immediately through real-time monitoring or simply to act as a deterrent to criminals, video surveillance has also become interesting in economic contexts, e.g. to create customer profiles and analyse patterns of their shopping behaviour. The extensive use of video surveillance is challenged by legal claims and societal norms, such as not putting the whole populace under generalised suspicion or not recording people without their consent. In our contribution we present a solution to balance the positive and negative effects of video surveillance, consisting of both technological and societal components.
Regarding technology, the surveillance cameras need to be modified such that the images of people are by default anonymised before the data even leaves the camera’s circuitry. This is done cryptographically with secret keys that are practically impossible to extract from the camera’s secured hardware. The counterpart of these keys can only be generated by an ombudsman organisation, which only does so when there is a legitimate cause. The establishment of this neutral organisation and the trust of the populace in both this organisation and in the proclaimed security of the technology form the societal component of our proposed solution, which we dubbed Digital Cloak of Invisibility (DCI).
Aimed at an interdisciplinary audience, we give an outline of the technological implementation and its feasibility. We then show that many of the legal and ethical objections to conventional video surveillance are accommodated when video surveillance is augmented with the DCI concept. The same can be shown for the commercial applications. Finally, we point out that the DCI is not at all restricted to video surveillance, which merely serves as a highly intuitive proof-of-concept scenario. In principle, any other scenario in which sensitive, individual-related data is stored to be accessed only on rare occasions when investigations take place is suited just as well (e.g. communication metadata or movement profiles from cell phone towers).