Remote Sensing and Image Processing: Examining Privacy and Data Protection Issues

The paper attempts to define and examine privacy as well as undertake a somewhat detailed study of the legal regulations relating to privacy and data protection extant in two of the most advanced economies, the US and the EU. It observes that other countries have taken to remote sensing only relatively recently and their laws on privacy and data protection borrow the main principles followed in these two major economies.

The paper also presents details on the various facets of privacy rights and their protection, particularly privacy issues relating to remote sensing technology. It describes the fundamental considerations behind the legislation and regulations in force in the EU and the US, compares them, and also derives the basis of the laws in force in the two world entities.

Information privacy as different from personal privacy is also highlighted and some of the key issues that have emerged, particularly about remote sensing and image processing, are discussed in detail. The paper concludes that the EU privacy laws are more comprehensive than their US counterparts and even in other parts of the world, the privacy laws are under threat from rapidly advancing technology and data proliferation through the Internet and other modern systems.

Table of Contents

1. Introduction: Remote Sensing and Image Processing
2. Application of Remote Sensing
3. Privacy Considerations
4. Privacy in Remote Sensing and Image Processing
5. Data Protection
6. Data Protection in Remote Sensing
7. Principles in Privacy Regulation (Data Protection)
8. Privacy (Data Protection) Principles in the EU and the US, Compared.
9. Conclusion
10. References

Introduction: Remote Sensing and Image Processing

Sabins (1987) refers to remote sensing as methods using electromagnetic energy for detecting, recording, and measuring the features of a target object like the surface of the earth. The National Research Council of the National Academies terms it as a method for retrieving data or images from sensors or cameras kept at a distance from the target object, and in contrast to direct human observation. Remote sensing can be termed as both an art and a science. Remote sensing essentially consists of recording reflected or emitted electromagnetic energy and processing or analyzing the same. Lillesand and Kieffer (2000) observe that remote sensing comprises data collection and analysis from electromagnetic energy emitted or reflected from an object for obtaining useful information about it.

Remote sensing essentially measures object properties located on the surface of the earth and presents useful information obtained through the method in the form of two-dimensional images. Such remote sensing can be carried out from aircraft or satellites whereby various characteristics of the earth’s surface and the atmosphere are recorded and then stored as visual data in the form of digital images or as films.

Lillesand and Kieffer (2000) observe that most of the data obtained from remote sensing are in the form of reflectance images. Common types of such data are the so-called spectral bands. In addition to the generation and analysis of aerial and satellite images, remote sensing also finds application in diverse fields like medical imaging, quality control practices in the industry, security, and national and industrial surveillance programs.

The United Nations envisages remote sensing as an activity for benefiting nations as also a mechanism for helping prevent natural disasters globally. In addition, to use in emergencies, remote sensing techniques and images processed using the same find extensive use in computer and Internet mapping of data. Weather forecasting commonly also uses a method called microwave sensing, which facilitates an accurate method of collection and integration of weather-related data. Image processing using the principles of remote sensing technology also plays a vital role in national security and anti-terror strategies (Bowles, 2002).

Images recorded by remote sensing are usually in the form of simple representations of the particular objects to be studied. Such images need further processing so that useful information can be obtained from them. Image processing generally consists of image correction, enhancement, transformation, or classification. An important field of study that has emerged is that relating to Geographical Information System or GIS, which is used to capture, store, retrieve, analyze or display spatial data and non-spatial attribute data.

Applications of Remote Sensing

Remote Sensing helps provide geo-information in a spatial format. Also, it helps determine and monitor the earth’s capacity. Environmental protection and sustainable development rely significantly on maintaining a global satellite-based surveillance system that provides vital and timely information in the form of images or spatial data. Such images contain a vast storehouse of information on oceans, land surfaces, the atmosphere, etc. which can be utilized effectively in managing man-made and natural disasters.

Data collected through remote sensing also find use in diverse processes like agricultural forecasting, flood damage assessment, land use management, etc. In the United States, remote sensing finds use in agriculture crop forecasting and management, animal husbandry management, detecting and tracking ice flows in oceans, geology, cartography, demographic modeling, etc. In addition to defense and government applications of remote sensing, the related techniques and spatial images or data are finding widespread use in the private sector.

Public sector uses of remote sensing are in the fields of urban planning, monitoring wetlands, identifying development for tax planning, response planning to mitigate natural hazards, estimating damages from natural disasters, flood planning mapping and flood forecasting, monitoring of forests through reconnaissance mapping, environmental monitoring, species identification, and typing, burn mapping, etc. Applications in geology include use in structural mapping and terrain analysis, geologic unit mapping, etc.

In addition, remote sensing finds important use in Hydrology (soil moisture estimation, glacier dynamics monitoring, flood delineation, and mapping, monitoring sea ice type, content, and motion, etc.), as well as inland cover, land use, mapping, planimetry, topographic and baseline thematic mapping, oil spill detection, etc.

Privacy Considerations

With rapid advances in technology driven by the Internet, computers, space research, and surveillance systems, personal and data privacy as a concept and efficacy are under severe strain. It often appears that privacy is compromised, usually for larger national interests, but often also for commercial interests. Space surveillance and image processing technology, in particular, have increasingly invaded into the personal privacy of individuals.

Remote sensing is both effective and intrusive by nature; the field has some of the most far ranging applications that are crucial to nations and governments and are vital to human survival and development but is also increasingly a subject of controversy relating to perceived data protection and personal privacy violations. The remote sensing arena and the various high-tech applications have given rise to many ethical and legal considerations, which are still evolving in the US, the European Union and elsewhere. Privacy needs to be examined in this context, which this paper attempts to do.

Cooley (1880) has described privacy as a right to be left alone or undisturbed. Margulis (2003) identified certain key elements to privacy, which afford control over transactions and help regulate access to self, thereby increasing the capacity to take personal decisions. Privacy, according to Westin (1967) also indicates what the personal information will be made use of. Westin viewed privacy as a basis for individual development and as protecting a person’s autonomy. In addition, Westin (as quoted by Marguilis, 2003) also gave four functions of privacy, which are: personal autonomy, emotional release, self-evaluation, and limited and protected communication.

Privacy is also regarded as a fundamental right as per international laws. Bok (1983) views privacy as the condition whereby one individual is protected from unwanted access by other individuals, through personal attention, information or physical access. Van Den Haag (1971) treats privacy as an exclusive personal access of an individual or legal entity to a personal realm and also observes that privacy rights entitle a person to exclude other individuals from watching, using or intruding upon his personal and private realm.

The UN Universal Declaration of Human Rights (Art. 12) states that all individuals have a right to private and family life, home and correspondence, and also declares that such right to privacy can only be curtailed by public authority in the interests of national security, public safety or economic benefits of the country. This is along the lines of the European Convention for the Protection of Rights and the Fundamental Freedoms (Art. 8).

However, increased technological advancements have ushered in a new type of privacy, viz. information privacy. Fair information privacy is built within a fair information practice framework. Such an information system is based on certain considerations like openness and transparency, individual participation, limitations on collection of information, data quality, authorized usage, security and accountability (Westin, 1967). Westin’s principles form the basis of privacy regulations in most developed nations in the world today.

Privacy in Remote Sensing and Image Processing

Remote sensing, photogrammetry, theodolites, etc technologies have made rapid advances in the past few decades. Technological innovations include RFID, GPS, and the so-called ubiquitous networks. WiFi technology or Ultra wideband systems enable the revealing of locations of target objects or individuals with remarkable success. Location technology thus allows for effective ubiquitous object and individual surveillance.

Added to this is the improved level of interoperability among systems that contributes for a technological environment where privacy principles are increasingly under threat of being compromised.

Also, nowadays, multiple channels provide round-the-clock access to geographical and governmental data and the heightened national security and other threats only means that information, personal and object privacy is under threat as never before. Peissl (2002) even observes that the human society is heading towards a panoptic-society state, i.e. a state of permanent awareness of one’s observation that facilitates automatic effecting of power. He says that people usually try to circumvent public surveillance systems once they become aware of the same and the technology would also inhibit social, economic and cultural development in course of time.

Privacy has been impacted by geographic information systems or GIS as well as all related technologies like global positioning systems (GPS), geo-demographics, and high spatial resolution remote surveillance systems (Slonecker et al., 1998).

It has been observed in many legal cases that privacy of an individual is unprotected when the subject or property is visible to the public or is in plain view. Hence, since remote sensing generally captures images caused by light reflectance, the techniques involved usually do not violate any privacy rights. The position is somewhat ambiguous in case of thermal sensing, although there have been instances when the courts have allowed thermal imaging for detecting drug production even in case privacy has supposedly been intruded upon.

High-resolution satellite-and often real-time- images, which are increasingly available on the Internet, are a serious concern impacting privacy rights. Sec. 652A of the Law of Torts states that an individual’s privacy can be intruded upon in one of four ways, viz., through an “unreasonable intrusion upon the seclusion of another”, by appropriating another’s name or likeness, through an unreasonable publicity given to the other’s private life, or through publicity that unreasonably places the other in an untrue light in the eyes of the public. It is observed that, generally, the principle of “Intrusion upon one’s seclusion” is most applicable in case of image processing by remote sensing via satellites or aircrafts.

The invasion of privacy by intrusion is described as the intentional invasion of another person’s seclusion or his private affairs or concerns, and the intruder is liable to the such other person for the invasion of his privacy, in case such intrusion is considered highly offending to the person, whom is otherwise considered reasonable; such intruder is liable for the intrusion even though there may not be any actual publication of images or data information.

Hence, while ordinarily the courts view a public disclosure of facts considered to be private, secluded or secretive, and offensive and objectionable to a person with reasonable sensibility as being liable for civil action for invasion of privacy of such person, the law does not view the image capture of an object or person without consent of such person as liable for civil action for privacy infringement, although any harm suffered by the person affected may be eligible for rewarding due damages. Aerial and satellite photographs most often include images of landmarks, commercial locations and vehicles. But such images do not generally invade the privacy rights of individuals or information, in the views of law courts.

Data Protection

Protection of data or information sourced through remote sensing, Internet or various other technological applications is a wide ranging subject. It includes the protection of data relating to personal issues for ensuring the privacy of individuals. Data protection takes various forms and includes copyrighting of data under the Berne Convention, protection under database laws, protection by way of licenses or patents, etc.

The relevant legislation incorporating databases as copyrighted materials is the WIPO Copyright Treaty, 1996 (Art. 5) and the WTO TRIPS Agreement, 1995 (Art. 10) which consider databases as intellectual creations, depending on the arrangement of their contents and hence these laws protect the databases. The two laws complement the provisions of the Berne Convention (Art.2) but are unlike the provisions of the Directive of the EU Protection of Databases. In the United States, databases are not copyrighted by the government but the private database agencies can and do copyright database information; copyrighting is purely voluntary and not mandatory.

The European Commission has in place a legal form of protection of databases which is applicable in the EU countries. Particularly concerning remote sensing and related activities that generate, transform, store, and otherwise process databases, the EC laws are important and afford protection to databases which are work, data or materials which are configured and/or arranged according to a pattern and also can be accessed by electronic means.

Whereas the US system relies on a fair use mechanism, the EU system attempts to accord protection to the maker for processing the data as per his legitimate interests. Processing of the data or information can be done for private and non-commercial purposes, and the protection given by the laws is normally valid for 15 years. The copyright protection is given to the database and does not cover the individual components of such database. The copyright laws in the EU are seen as unduly favoring large commercial data providers. The laws are also seen to perpetuate continuous protection as also diverge in the age-old practice of assigning rights to creators by devolving such rights on investors.

In addition to copyrights, there are other means like encryption and contractual methods that can be used to protect databases. Legal contracts prevent the unauthorized use of databases by agreement between the parties to the contract. In as much as data or information obtained through remote sensing or other surveillance methods result in data or information that need to be processed in one way or another – and the information is usually in the form of special data or images -at one stage or another, the use of computers, internet etc is envisaged for processing images from remote sensing and such other methods.

Legal contracts can effectively control and manage access to large and special databases obtained in remote sensing, image mapping, satellite imaging, etc by national and private parties. A major drawback of legal contracts is that they can only bind the contracting parties while information is often accessed by third parties, often unobtrusively and illegally. In contrast, technical methods like encryption can play a more effective role in ensuring protection of databases, particularly those sourced by remote sensing or other surveillance methods. However, these methods are cost-intensive and very complex.

Often, commercial databases providers use patents instead of copyrights for protecting their databases. In the US, the patents are regulated by the terms of the Paris Convention for the Protection of Industrial Property, 1883 and the TRIPS Agreement (WTO 1995) whereby a database gets patent protection for 20 years (Art. 33). Patent protection depends on each country’s regulations to a large extent. Applications usually are filed via patent agents who know these procedures. Most countries have a national patent office where each patent has to be filed. Essentially, patents attempt to protect intellectual property (IP) rights and restrict misuse of the database elements. Patents can even cover elements like new techniques, tools, or models.

Some of the important considerations for protecting databases by the methods described above are as follows:

1. To protect confidentiality of information, particularly on issues relating to individuals.
2. To protect the rights of the knowledge holders
3. To prevent data release from causing harm.
4. To ensure national security which may otherwise be compromised by release of protected data
5. To protect the individual IP rights; this may require reduced data flow or restricting the data from being released to a wider class of people.

Data Protection in Remote Sensing

While data generated by satellite or aerial imaging needs to be protected, some of the more common reasons for such protection include the following:

1. The need to protect commercial or organizational confidentiality
2. The need to ensure privacy of data relating to individuals or groups.
3. To enforce national laws on export or import of data or information
4. To help incorporate the terms of licensing or such other means adopted
5. To manage liability on databases, products, etc.

Most nations restrict or control the collection, storing, manipulation, transformation or such processing of special data or images created in remote sensing owing to the sensitive nature of such data and the often critical information that the remote surveillance methods obtain. While all nations have in place, some detailed and complex legal regulations to enforce their privacy and database protection laws, such laws are somewhat different in different countries. However, in general, all national legislation contains some key tenets with an underlying common intent.

A common reason for protection of database information is the need to ensure confidentiality which is regulated by the common law in the US. Generally, there is breach of confidence if confidential information is disclosed to third parties. The provisions of the TRIP Agreement standardizes and enforces internationally the concept of protection of trade secrets or confidential information, including such information generated or sourced through remote sensing or other such airborne methods of aerial surveillance.

An important piece of legislation that relates to protection of geospatial databases in the US is as promoted by the US Federal Geographic Data Committee (FGDC). Its provisions formulated as far back as in 1998 was a defining piece of legislation for regulating the protection of data information generated through advanced space technologies like remote sensing. The related policy may therefore be provided as hereunder:

1. At the time of collection of personal data by direct means, individuals must necessarily form an agency of individuals.
2. They must state clearly their reasons for such data collection, as also under what legal authority they are so collecting the data
3. They must clearly state how the information collected will be used and the methods by which the data will be protected for safeguarding their integrity, quality or confidentiality.
4. The penalties or rewards for providing or withholding requested information, and also the ways to ensure fairness of use of the information are to be decided upon.
5. There is also a provision to be anonymous if required, the rights of Redressal, etc as well as the clear mention of the period and manner of retention of agency records.
6. Restriction on the acquisition and use of personal information is to be specified to ensure the personal privacy of the individual
7. Agency staff to be made aware of privacy implications of GIS technology.
8. Provisions to ensure effective management and control of databases to protect confidentiality and integrity of personal information.
9. The prevention of alteration or destruction of information held in or linked to geospatial databases is to be ensured through suitable mechanisms or technology.
10. Ensuring that the information is accurate, timely, relevant and complete to serve the purpose for which such information has been acquired or utilized is also an important consideration to be followed.

While spatial data information is very relevant and useful in planning for natural disasters, agricultural crop forecasting, ice-flow predictions, etc, the combination of descriptive image data and precise location data can be effectively utilized also for spatial analyses. However, Locational data are also disadvantageous in that some of the images generated through spatial data capture could mean violation of privacy or database protection laws.

Generally, the personal right to privacy is the immediate and direct casualty of such advanced, remote surveillance methods. Also, spatial images are most often obtained unobtrusively, and are stored or transmitted through the medium of computers or internet communications. Hence such data can be illegally accessed or used by persons for Illegal or unwarranted use whereby personal information is sought to be handled improperly without the knowledge of the individual concerned. Therefore, one of the essential principles of database protection is that the information must only be used after taking informed consent of the rights holder.

Also, one can hold on to the data only as long as permitted by the rights given by the holder or creator of databases. Additionally, the use of databases can invite the application of fair use laws. Often, exemptions may apply, as in the case of use of databases for research or non-commercial use by academics. One disadvantage of images obtained and stored by remote sensing is that, since mostly such images are digitally processed for use and analysis, the application of copyright laws as regulated by the Berne Convention are not explicitly provided for, although some measure of protection is sought to be provided by the provisions of the TRIPS Agreement and the WIPO Database Protection Treaty.

Principles in Privacy Regulation (Data Protection)

The general principles for data processing and effecting its protection in the EU are based on ensuring personal privacy as per Convention No 108 (Berne Convention); in such respect, for personal data to be automatically processed, it must be:

1. Obtained and processed lawfully and fairly.
2. Stored for legitimate purposes and used as specified, so that such use is not incompatible with the stated purposes of use of the personal data.
3. Adequate and relevant and must be appropriate for the purposes for which the data are stored or used.
4. Must be accurate and upto date.
5. Must be preserved in an easily identifiable form for the period specified for such storage of the data.
6. Must be adequately protected as to security and for preventing unauthorized or accidental destruction or loss as also against unauthorized access, dissemination or alteration.

These same principles find enumeration in the EU Directives governing data protection viz., Directive 95/46/EC of the European Parliament and the Council, on protecting individuals about processing of personal data and on the free movement of such data, and the Directive 2002/58/EC relating to processing of personal data and privacy protection in the electronic communications field. The EU provisions are more structured and stringent than the US laws in the same regard.

However, remote sensing as it stands today has emerged as a multinational, private, and commercial proposition increasingly adopted by the governments of many countries as well as various academic, commercial and other private bodies. In the growing international market for remote sensing, privacy issues and the need for data protection systems to be inbuilt in the surveillance and image analysis methodologies have assumed vital significance. In this respect, the UN has issued a general guidance termed as “Principles Relating to Remote Sensing of the Earth from Space” for promoting international cooperation and data sharing between countries. But even the UN guidance does not directly include methods for addressing the issues of privacy or data misuse by individuals.

Privacy (Data Protection) Principles in the EU and the US, Compared

The EU and the US are two of the major players in the international arena, whether in issues relating to politics, economic and world affairs, space technology advances, or even in implementing and maintaining privacy and database protection regulations. Since these western powers are the cradle of remote sensing technology as also other surveillance technologies, which have been, only in recent decades, adopted by other countries like Japan, India, and other third-world nations, all regulations and legal infrastructure in privacy and database protection in other countries borrow substantially from the regulatory and legal practices in these two world entities, the European Union and the United States of America.

Hence, a study of the privacy regulations in these two world entities can help understand the core issues involved in the field of privacy or database regulations related to remote sensing technology. However, a comparison of privacy and data protection regulations in the US and the European Union reveal glaring differences in structure, content and comprehensiveness. The EU laws are more structured and appear more effective in the rapidly proliferating science and technology of remote sensing in different corners of the world.

Arguably, the EU provides for one of the most comprehensive legal and regulatory framework for managing issues relating to remote sensing, including the control over data proliferation, image processing and spatial analysis as well as the regulation of privacy rights and database protection in its member states. In contrast, the US laws are seen to be more superficial and need to be developed further and quickly, if at all, its national and legal system needs to tackle the invasion of personal privacy about spatial database processing.

What makes the EU laws stand out about the US laws need a brief overview to understand the above position better. The EU privacy laws are based on some broad principles which have already been spelt out in the foregoing paragraphs. These broad principles include the purpose limitation principle, the data security and data quality principles, the transparency principle, the independent oversight principle, the individual redress principle, the data transfer principle and the sensitive data special protection principle.

The EU laws are only inhibited by the uniform adoption of the laws by the member nations, since these laws have overriding effect over the national laws, but till date, not all EU members have adopted the EU laws fully. However, EU laws are to be compulsorily adopted in case of information or data exchange between member states. The laws are affected by the Directives discussed before and this is in keeping with the general principles of protection of human rights followed by the EU.

In the United States, the powerful Constitution does not explicitly guarantee the right to privacy. However, through various law cases and interpretations of the various Amendments to the Constitution, the US Supreme Court has provided some degree of protection in safeguarding individual privacy rights, particularly for countering intrusive activities of the government. However, the court has mostly based its judgments in cases relating to privacy rights on the Fourth Amendment’s prohibition of “unreasonable searches and seizures”.

Individuals can exercise few rights in data on themselves which can be easily perceived. The rights to data vest in the data processor and not in those to whom such data relates. Such a situation, although sought to be rectified by some of the states, it is the federal laws that usually take precedence over state laws.

The Second Restatement of Torts provides for a general principle consisting of four distinct torts, viz., physical intrusion, false light, misappropriation and publication of private facts. These torts are the main basis for adjudication of legal privacy rights. But they do not in any way accord protection to information privacy. Actually, in the United States, the federal laws stress on openness and transparency of information. Hence, data is not directly protected by any laws in the US. The four basic tenets of US social and government policy, viz., rights against the government, importance of open information flows, preference for private action and the limited role of government, particularly in regulating privacy protection, explain why privacy protection relating to data is almost non-existent in comparison to the related EU laws.

Conclusion

Privacy and rights to the same are dealt with in varying ways in various countries. The society, history and culture peculiar to a particular country play no small role in shaping the laws and regulations in that country. The privacy and data protection laws in the US or the EU, as well as in other countries, are no exceptions to this common fact. While the EU is shaped in its policies by its circumstances – it being a consortium of European nations – the US policies are driven by the basic tents of its Constitution and the various Amendments to the same.

However, privacy rights of both individuals and as relating to database protection is increasingly under threat from the advances made in technology like remote sensing and aerial surveillance. While remote sensing undeniably promotes various developmental and human improvement programs, complexities in managing databases and the gaps in protecting personal and information privacy still need to be effectively tackled.

References

Bok, S., 1983, Secrets: On the Ethics of Concealment and Revelation, pp. 10-11.

Bowles, T., “Remote Sensing and Geospatial Data Used as Evidence: A Survey of Case law”, Crowsey. Web.

Brien, L., 2007, Remote Sensing and Privacy Issues Canada Centre for Remote Sensing Fundamentals of Remote Sensing.

Lillesand, T.M., and, Kiefer, R.W., 2000, Remote Sensing and Image Interpretation, John Wiley and Sons: New York.

Margulis S.T., 2003, “On the status and contributions of Westin and Altman’s theories of privacy”. Journal of Social Issues Vol. 59, pp. 411-429.

Navalgund, R.R., Jayaraman, V., and, Roy, P.S., 2007, “Remote sensing applications: An overview”. Current Science, Vol. 93, No 12. p. 1747-1766.

O’Harrow, R. (Jr.), 2005, No place to hide; behind the scenes of our emerging surveillance society The Free Press.

Peissl, W., 2002, “Surveillance and security a dodgy relationship,” in Debating privacy and ICT – before and after September 11, D. v. Harten, Ed.: Rathenau instituut.

Sabins, F.F., 1987, Remote Sensing: Principles and Interpretation, W. H. Freeman and Co.: New York.

Slonecker, E. T., Shaw, D. M., and, Lillesand, T.M., 1998, ‘Emerging Legal and Ethical Issues in Advanced Remote Sensing Technology,’ Photogrammetric Engineering & Remote Sensing, Vol. 64(6) Pp. 589-595.

The National Academies, 2001, Transforming Remote Sensing Data into Information and Applications Steering Committee on Space Applications and Commercialization, National Research Council of the National Academies Press: Washington, D.C. Copyright 2001 by the National Academy of Sciences.

The National Academies, 2001, Using Remote Sensing in State and Local Government: Information for Management and Decision Making; Steering Committee on Space Applications and Commercialization, National Research Council of the National Academies Press: Washington, D.C. Web.

Van Den Haag, E., 1971, On Privacy, in Nomos XIII: Privacy 149, 149 (J. Ronald Pennock & J.W. Chapman Eds).

Westin A.F., 1967, Privacy and Freedom Athenaeum: New York.