Moscow authorities could stream data from city CCTV cameras to the public.

Moscow authorities may stream information from the city’s surveillance cameras into the public domain and sell it, Kommersant has found in one of the contracts for installing cameras.

\n

Under the terms of the contract from the Moscow Department of Information Technology (DIT), which was obtained by the Moscow Telecommunication Corporation, the latter will install four thousand cameras in hospitals.

\n

Among the information processing purposes listed in the contract, there are two items:

\n

\n
• «providing access to information to users of the ЕЦХД [Unified Data Storage and Processing Center], including on a paid basis»;

\n

• «broadcasting information in open access» on the Internet.

\n

\n

The same aims are set forth in other DIT contracts on transferring data to the ЕЦХД. As the publication found, the data come from at least 25,000 surveillance cameras.

\n

The DIT said that the wording about streaming on the Internet is standard, and that providing access to data in the ЕЦХД and broadcasting video from hospitals is not planned.

\n

Lawyers, however, note that such formulations threaten Moscow residents’ personal data.

\n

«The very provision that data may be sold to third parties, while it does not specify to whom or for what purposes, creates an even greater threat of leaks and access to sensitive data by an undefined circle of people. This information could be used for fraud, surveillance and social engineering», —said the head of legal practice at RosKomSvoboda and partner at the Center for Digital Rights, Sarkis Darbinian.

\n

The DIT press service denied that data from the cameras are sold.

\n

«Information that the Moscow DIT plans to sell footage from the city’s CCTV system does not correspond to reality. Access to camera recordings on a commercial basis is not provided and is not planned,» the press service told TASS in a statement.

\n

DIT also stressed that access to the ЕЦХД is provided under sanctioned access for authorised personnel.

\n

However, Sarkis Darbinian contends that ‘the DIT is blatantly lying’:

\n

«What the DIT calls sanctioned access is, in fact, an uncontrolled leaky system, in which there is no clear and effective oversight over who uses the system and on what grounds.»

\n

In July, the dark web saw the sale of access to all Moscow CCTV cameras. ForkLog previously learned from experts how data ends up on the black market.

\n

Most cameras are equipped with facial recognition. Recently RosKomSvobodademanded that a moratorium on its use be imposed until the necessary safeguards against abuses are implemented.

\n

Subscribe to ForkLog news on Telegram: ForkLog Feed — the full news feed, ForkLog — the most important news and polls.