Periodic Reporting for period 1 - SISSVid (SISSVid: Secure and Intelligent Storage System for Large-scale Visual Data Analytics)
Période du rapport: 2023-09-04 au 2025-11-03
The widespread deployment of closed-circuit television (CCTV) systems across public, semi-public, and private environments has made video surveillance a central component of modern digital infrastructure. These systems play an increasingly important role in public safety, crime investigation, urban management, and operational monitoring. At the same time, they generate vast volumes of visual data that frequently contain highly sensitive personal information. This has led to growing societal, ethical, and legal concerns regarding privacy, data protection, and public trust in surveillance technologies. Within the European Union, these challenges are framed by the General Data Protection Regulation (GDPR), which establishes data protection as a fundamental right and requires lawful, transparent, and proportionate processing of personal data. Despite the regulatory clarity of the EU General Data Protection Regulation (GDPR), existing CCTV technologies remain largely misaligned with its core principles. Conventional surveillance systems typically store raw or weakly protected video footage, exposing data controllers to significant compliance risks. At the same time, large-scale CCTV infrastructures generate vast volumes of video data, much of which is redundant. Conversely, many privacy protection solutions rely on irreversible anonymisation techniques, such as permanent blurring or masking, which destroy evidential value and severely limit lawful analytics, post-event investigation, and forensic use. This situation creates a persistent gap between regulatory requirements and technological practice in real-world surveillance deployments. The need for data minimisation mechanisms further highlights the lack of GDPR-aligned design in existing surveillance technologies.
The overall objective of the project SISSVid (Secure and Intelligent Visual Data Storage for Analytics) was to design, implement, and validate a GDPR-compliant framework for secure storage, intelligent search, and retrieval of large-scale CCTV video data, without sacrificing analytical utility or operational efficiency. Our work was motivated by the recognition that privacy protection and effective surveillance analytics should be treated as complementary design requirements, rather than competing objectives.
Specifically, the project aimed to:
• Enable privacy-by-design video storage through selective and reversible protection of sensitive visual content;
• Implements the summarisation to identify frames containing meaningful events while filtering redundant content;
• Support intelligent search and retrieval directly over encrypted video data;
• Operationalise GDPR principles such as data minimisation, confidentiality, accountability, and lawful access in a technically feasible and scalable manner;
• Bridge the gap between legal compliance, technical implementation, and real-world surveillance needs.
The overall objective of the project SISSVid (Secure and Intelligent Visual Data Storage for Analytics) was to design, implement, and validate a GDPR-compliant framework for secure storage, intelligent search, and retrieval of large-scale CCTV video data, without sacrificing analytical utility or operational efficiency. Our work was motivated by the recognition that privacy protection and effective surveillance analytics should be treated as complementary design requirements, rather than competing objectives.
Specifically, the project aimed to:
• Enable privacy-by-design video storage through selective and reversible protection of sensitive visual content;
• Implements the summarisation to identify frames containing meaningful events while filtering redundant content;
• Support intelligent search and retrieval directly over encrypted video data;
• Operationalise GDPR principles such as data minimisation, confidentiality, accountability, and lawful access in a technically feasible and scalable manner;
• Bridge the gap between legal compliance, technical implementation, and real-world surveillance needs.
The project carried out a sequence of coordinated technical and scientific activities, progressing from system analysis and design to algorithm development and experimental validation.
The work began with a technical analysis of existing CCTV storage and retrieval architectures, identifying limitations related to privacy protection, scalability, and compliance. Based on this analysis, a multi-layer system architecture was defined, integrating video summarisation, semantic understanding, selective encryption, and privacy-preserving retrieval. A video summarisation and pre-processing pipeline was developed using motion-based techniques to identify frames containing meaningful events while filtering redundant content. This significantly reduced storage and processing requirements while preserving forensic relevance. Semantic labelling and indexing were implemented using deep learning–based panoptic segmentation models. This enabled pixel-level identification of objects and regions of interest (such as persons and vehicles), assignment of persistent instance identifiers across frames, and extraction of semantic attributes and contextual metadata for encrypted indexing. A central technical contribution was the implementation of selective, reversible encryption for surveillance video data. Lightweight AES-GCM encryption was applied only to sensitive regions of interest, preserving contextual information while ensuring confidentiality and integrity of personal data. The reversible nature of the encryption supports lawful reconstruction for authorised forensic or evidentiary use. Privacy-preserving search and retrieval mechanisms were developed to operate directly on encrypted data. Attribute-based searchable encryption was combined with semantic tokens and metadata, enabling content-based queries without decrypting stored footage. Activity recognition models were integrated to support event-level queries. The decryption mechanisms were implemented to ensure that decryption occurs only authorised persons, completing an end-to-end secure processing lifecycle. Collaboration between computer science and law ensured that concepts such as data minimisation, reversibility, accountability, and lawful access were translated into concrete system mechanisms. This interdisciplinary approach enabled the project to address not only how surveillance data can be processed securely, but also how legal and ethical requirements governing the processing of personal data can be embedded directly into system design.
The work began with a technical analysis of existing CCTV storage and retrieval architectures, identifying limitations related to privacy protection, scalability, and compliance. Based on this analysis, a multi-layer system architecture was defined, integrating video summarisation, semantic understanding, selective encryption, and privacy-preserving retrieval. A video summarisation and pre-processing pipeline was developed using motion-based techniques to identify frames containing meaningful events while filtering redundant content. This significantly reduced storage and processing requirements while preserving forensic relevance. Semantic labelling and indexing were implemented using deep learning–based panoptic segmentation models. This enabled pixel-level identification of objects and regions of interest (such as persons and vehicles), assignment of persistent instance identifiers across frames, and extraction of semantic attributes and contextual metadata for encrypted indexing. A central technical contribution was the implementation of selective, reversible encryption for surveillance video data. Lightweight AES-GCM encryption was applied only to sensitive regions of interest, preserving contextual information while ensuring confidentiality and integrity of personal data. The reversible nature of the encryption supports lawful reconstruction for authorised forensic or evidentiary use. Privacy-preserving search and retrieval mechanisms were developed to operate directly on encrypted data. Attribute-based searchable encryption was combined with semantic tokens and metadata, enabling content-based queries without decrypting stored footage. Activity recognition models were integrated to support event-level queries. The decryption mechanisms were implemented to ensure that decryption occurs only authorised persons, completing an end-to-end secure processing lifecycle. Collaboration between computer science and law ensured that concepts such as data minimisation, reversibility, accountability, and lawful access were translated into concrete system mechanisms. This interdisciplinary approach enabled the project to address not only how surveillance data can be processed securely, but also how legal and ethical requirements governing the processing of personal data can be embedded directly into system design.
The project advances the state of the art by demonstrating that intelligent video search and retrieval can be performed directly over encrypted surveillance data, without reliance on irreversible anonymisation or full decryption. Through the combination of selective, reversible encryption and semantic video understanding, the project shows that privacy protection and analytical utility can be achieved simultaneously. Experimental evaluation demonstrated that motion-based summarisation reduced video storage requirements by up to 80%, while selective encryption reduced encryption overhead by more than 70% compared to full-video encryption. Retrieval accuracy in privacy-preserving inference tasks consistently exceeded 90%, confirming that analytical performance is preserved. The project reached Technology Readiness Level (TRL) 3, delivering a validated proof-of-concept and establishing a solid foundation for further development and real-world validation.
From a societal perspective, the project addresses a central challenge in modern surveillance: balancing public safety and operational effectiveness with the protection of fundamental rights. By enabling lawful and proportionate handling of surveillance data, the project supports increased public trust in digital surveillance technologies. Economically, the results are highly relevant to a rapidly growing video surveillance and analytics market in which regulatory compliance is increasingly decisive for adoption, creating opportunities for compliant innovation, particularly for video management systems vendors, SMEs, and public-sector deployments.
From a societal perspective, the project addresses a central challenge in modern surveillance: balancing public safety and operational effectiveness with the protection of fundamental rights. By enabling lawful and proportionate handling of surveillance data, the project supports increased public trust in digital surveillance technologies. Economically, the results are highly relevant to a rapidly growing video surveillance and analytics market in which regulatory compliance is increasingly decisive for adoption, creating opportunities for compliant innovation, particularly for video management systems vendors, SMEs, and public-sector deployments.