People counting

Data protection and privacy by design with Time-of-Flight people counting

Personal privacy should be a top priority when choosing a people counting solution.

While many systems claim to provide anonymity by concealing personal identifying information (PII), such methods are vulnerable to exploitation.
Privacy By Design

This article explores security issues associated with people counting devices that rely on anonymization or pseudonymization protocols and demonstrates how Terabee people counters, that use Time-of-Fight technology provide true anonymity and data privacy by design.

Anonymization vs true anonymity

Many people counting devices, such as camera and radio frequency identification (RFID)-based systems, employ anonymization or pseudonymization protocols to protect the privacy of the people they track. 

Anonymization refers to the process of removing personal identifiable information from data sets. Pseudonymization is a closely related term describing the replacement of personal identifying data with artificial identifiers known as pseudonyms.

Privacy Data Protection By Design

In the context of people counting systems, anonymization and pseudonymization fulfill similar roles. Systems that rely on such methods will first capture personal identifying data from the people they count.

For example, RFID-based systems may capture an employee ID number, while camera-based people counting systems typically capture footage of faces and clothing.

This information will then be masked, encrypted, stored in an inaccessible location, and deleted to mitigate privacy risks.

While these systems may be theoretically sound, they are fundamentally insecure in real-life implementations. 

Anonymization and pseudonymization steps are only taken after the system has already captured personal identifying data.

As a result, security attacks and exploitation of such systems can render this information accessible to third parties.

Legal and practical implications of anonymization

From the 2017 Equifax breach to the recent SolarWinds attack, the incidence rate of high-profile cybersecurity breaches shows us that securing private data is far from resolved. 

One cybersecurity concept that has emerged due to such attacks is the “assume breach” paradigm. Assuming a given system can be hacked (or even that it already has been) is the first step toward strengthening system security. Working on this basis, the only way of ensuring that people counting provides complete privacy is to ensure that it never captures personally identifying information in the first place.

Organizations using people counting systems that capture or process personal data are under legal obligations to manage this data correctly. In EU countries, these requirements are outlined by the General Data Protection Regulation (GDPR), which imposes strict obligations on any organizations that collect or process data related to people in the EU. (1)

Many non-EU countries have corresponding legislation, such as the Data Protection Act in the UK. (2)

Time-of-Flight people counters

Some suppliers of people counters state that data protection legislation, such as GDPR, does not apply because their devices and systems delete or anonymize images immediately. However, the law is generally clear on this issue. 

For example, the European Commission considers that collection, adaptation or alteration, erasure, or destruction of personal data all qualify as “data processing”. GDPR also applies to the processing of personal data wholly or partly by automated means. (3)

The Swedish Authority for Privacy Protection (the public authority tasked with protecting individual privacy in Sweden) corroborates this statement, having previously stated that deletion or anonymization of personal data does constitute the “processing of data”. (4)

A people-counting system can only claim to be intrinsically secure and anonymous if it does not capture private data in the first place.

Privacy And Data Protection By Design
People Counting Anonymous Privacy Protection

Anonymity and privacy protection

Terabee people counting systems avoid personal data handling entirely as they are fundamentally incapable of capturing personally identifying information in the first place. This is accomplished by infrared Time of Flight (ToF) technology. (5)

Rather than using cameras, RFID, WiFi sensing, or other technologies that may constitute a privacy risk, Terabee people counters work by emitting invisible infrared light pulses and detecting them as they reflect off their surroundings. 

Terabee’s time-of-flight sensors can collect information about the distance of different points in their environment by precisely monitoring the time taken by different parts of the pulse to reflect back to the sensor.

Terabee sensors do not capture personally identifying information about the people they count, nor do they record conventional images, video or sound. 

Thanks to advanced onboard processing capable of detecting human figures as they pass through the detector’s field of view, Terabee people counters achieve extremely high levels of accuracy and reliability.

Terabee’s data processing algorithms filter out static objects and accurately count people even in crowded bi-directional traffic. All data is analyzed onboard Terabee’s people counter devices: they output accurate room occupancy data, as numbers of people entering or leaving a designated area without further processing.

People Counting solutions from Terabee

Terabee provides people counting solutions based on intrinsically secure and infrared Time-of-Flight technology with no camera used.

The People Counting L-XL is the company’s flagship people counter, offering a 1.50 m x 1.10 m field-of-view and multi-device connectivity to provide coverage of wide entranceways. It is available in both a PoE and a LoRaWAN-enabled model, which means no cabling when installing the sensors in older buildings, a significant time-saver. The smaller People Counting M is designed for single doorways and narrow corridors.

The People Counting L-XL and the People Counting M are versatile, easy to install, and can be configured from any web-connected device via a web GUI. They provide GDPR-compliant data, which is 100% anonymous.

Terabee Time-of-Flight technology provides effective performance in low light conditions, and the robust people-counting algorithm delivers up to 98% accuracy.

People Counting Privacy By Design

Contact us to speak to an expert about your people counting challenges and requirements. Get in touch today!

If you would like to learn how to deploy people counting solutions in your facility, contact a member of the Terabee team. 

References and further reading

  1. What is GDPR, the EU’s new data protection law? (2018)
  2. Data protection. GOV.UK
  3. What constitutes data processing?
  4. People counting systems and GDPR – All you need to know
  5. Time-of-Flight principle (ToF): Brief overview, technologies and advantages

Related products

My Cart