The Framework was drafted to address privacy concerns related to the recording of video, the collection of personally identifiable information and the use of biometrics, radio frequency identification (RFID) and other security technologies.
“While security without privacy is possible, privacy without security is impossible,” said Kathleen Carroll of HID Global, the chair of the SIA Government Relations Department’s State & Local Policy Working Group. “SIA has taken a significant step forward in providing guidelines as to how responsible protection of personal privacy can be practically applied throughout the security industry. HID Global is proud to have actively participated in the development of the Privacy Framework and is committed to offering secure identity solutions that adhere to the privacy protection principles laid out in the document.”
SIA has been active in promoting the responsible use of security technology. It has opposed legislative efforts in several states that would have sharply restricted the use of such technologies as biometrics and RFID, arguing that these moves are an inappropriate and ill-informed reaction to legitimate concerns about privacy that would result in the use of less reliable technologies that could make people less secure and make private information more vulnerable.
“Overly restrictive government privacy policies can lead to excessive litigation, prevent the delivery of cutting-edge security solutions to end-users, and impose unnecessary delays in the allocation of grant funds for critical infrastructure protection projects at our nation’s ports, transit systems, schools and universities, and other essential facilities,” the Framework states. “SIA members know all too well how changes in technology occur much faster than legislatures and policy-makers can address those changes.”
The Framework identifies 12 guidelines to be followed in the deployment of electronic physical security solutions. The guidelines include:
* Conducting privacy impact assessments. * Implementing privacy-enhancing solutions during the design phase of products, when possible. * Limiting access to personally identifiable information within an organization to those who have a “need to know.” * Adopting a security breach notification plan. * Establishing a retention policy for personally identifiable information and a procedure to ensure that such information is destroyed at the time stipulated by the policy.
The full Privacy Framework is available on the SIA website.
The Security Industry Association (www.siaonline.org) is the leading trade group for businesses in the electronic and physical security market. SIA protects and advances its members' interests by advocating pro-industry policies and legislation on Capitol Hill and throughout the 50 states; producing cutting-edge global market research; creating open industry standards that enable integration; advancing industry professionalism through education and training; opening global market opportunities; and providing sole sponsorship of the ISC Expos, the world's largest security trade shows and conferences.