The DPO of a local authority was considering the security of CCTV data on edge recording devices, recently. She was concerned about the data being retained in an insecure format and what might be done, practically, to solve or reduce the risk.

I’ve long expressed concern about the insecurity of recording images in camera units (at the edge) and how manufacturers do not encrypt such data, as a matter of course. This is also the case with body-worn video cameras where the less expensive models in a manufacturer’s range are rarely encrypted

Without doubt this is a matter of cost, the belief that in order to be competitive costs must be trimmed and installers or system integrators have not brought the evident risks to their customers’ attention.

It is a simple matter of software to introduce encryption, in most cases, and one that I’d firmly recommend in order to ensure compliance with the GDPR.