The wave of innovation in technology for public safety is crashing against long-established laws and regulations, as Simon Creasey discovers
The critical communications industry has never had it so tough. New technology is being introduced at a rapid rate that on the one hand makes it easier for public safety organisations to communicate securely and efficiently, but on the other hand presents a host of regulatory hurdles – hurdles that need to be addressed if public safety organisations are to get the full value from any move to broadband-based voice and data communications for mission-critical use.
So are national and international laws managing to keep up with the pace of these technological changes, and what are the main regulatory hurdles that need to be overcome by industry?
The short answer to the first half of that question is a resounding “no”. Governments are struggling to introduce and update laws to make sure they are in tune with technological advances and how organisations use this technology.
“Many laws in this country [the UK] are well over 100-plus years old and some are common laws that were never put on the statute book,” says Ian Thompson, BAPCO’s CEO.
“Today we’re talking about technology moving at such a pace that it is hard for us in the industry to even keep up, so legislation has no chance of doing so.”
Part of the issue is that to date globally there has been little joined-up thinking in terms of the way that laws are implemented at national government level.
“Even in the European Union where the majority of fundamental laws are common for EU member states, interpretations may vary quite significantly from one member state to another,” says Tero Pesonen, chairman of TCCA’s Critical Communications Broadband Group (CCBG). “Some things which are not a problem whatsoever in one member state might be banned in another. In the long term, that presents an interesting dilemma if public safety organisations are supposed to co-operate across borders and help each other out.”
This creates a raft of different issues for product providers and users, according to Jarmo Vinkvist, CEO of Suomen Virveverkko Oy. “In our network in Finland we are using a lot of short data messages – text messages – for example, to send location information from users to a command centre,” says Vinkvist. “In some other countries this location information is forbidden by law and it is causing a lot of problems in terms of creating a clear picture of where resources are in the field. We – public safety operators globally – are trying to provide better services in better and smarter ways, so that type of obstacle has to be tackled in the future.”
Another potentially problematic regulatory area identified by many critical communication experts is the use of body-worn cameras. It’s still a fairly nascent technology and, according to those in the industry, it’s a good example of an area where laws are failing to keep pace with technological changes.
“In Europe, several countries do not allow police to use video recordings from body-worn cameras,” says Jeppe Jepsen, director of international business relations at Motorola Solutions. “[In some countries] when you video a public area, you need to put up a warning sign saying it [filming] is happening. The laws are not catching up and when police are starting to use body-worn video there are lots of questions that policies need to address.”
He says policies must cover a number of different areas, such as when to turn the camera on and when to turn it off. There are also questions around when to upload the information recorded, at what quality it should be uploaded, who can delete material – can an officer in the field delete video or not? – and where the material should be stored. In addition, this policy needs to be framed so that it takes into account any European Union or global regulations as well as national laws.
Even if there are no legal or regulatory issues, a number of problems can arise, according to BAPCO’s Thompson.
“You don’t get data sharing between [UK] police forces because they buy different bits of technology and they don’t think about interoperability, and standards can be different,” he explains. “You can have body-worn video systems being used in two neighbouring forces that aren’t compatible with each other even though they [the respective police forces] may work across the border on a regular basis, or they may supply firearms units or police support units to each other. So they might gather evidence on a device that can’t be read by the force they are supporting and as a result they have to go back to their own force, download it and change it to a format that can be read.”
Some users are more important than others
Another potentially problematic area in terms of a conflict of interest between the demands of public safety organisations and legislation that Jepsen identifies is net neutrality.
“Net neutrality says you have to treat all data equally, but public safety data is more [important than that used by consumers]. I know at least one country that wanted to prioritise police data over commercial networks, and those involved in net neutrality in that country said they could not do that,” he explains.
It is an issue that Pesonen has also encountered in Europe. He says that from a consumer perspective it is a good directive, as its aim is to ensure and guarantee that each EU citizen has decent access to internet resources.
“However, the challenge is that this particular directive is being interpreted in different member states in different ways,” says Pesonen. “Some member states have taken the approach that the public safety PPDR isn’t included in the net neutrality directive so PPDR communication sits outside and can be prioritised [as in the UK]. However, in some other countries, no interpretation has been provided so far, so the situation is unclear; and in some countries the indication is that YouTube traffic from teenagers, for example, and lifesaving video from PPDR are both considered to be video services and the priority needs to be the same, which is pretty much a disaster for PPDR organisations and makes it very difficult for them to rely on commercial networks. So we need to get some clarity on this.”
Net neutrality isn’t just an issue in Europe, of course – it’s also something the US is grappling to get to grips with at the moment. BAPCO says it is one of a number of different areas where laws appear to be evolving and governments are testing the boundaries to see what’s possible.
Another example of this evolving legislative situation cited by Thompson is cloud storage. He says a lot of UK police forces were initially against the idea of using cloud storage, although that attitude has thawed slightly despite developments in the US, which has seen the government try to access servers that are located within its jurisdiction.
“It’s been a long time coming, but Amazon and Microsoft are starting to build clouds and server farms in this country to get around that legislation, so they can argue that it [information] doesn’t leave these shores,” says Thompson.
He adds that there is a whole host of other potential legal issues surrounding the use of technology and the ability of critical communications organisations to access information created by and stored on these devices – and that situation is only going to be further muddied in the future thanks to the many different devices being rapidly rolled out in the field.
The next wave of regulations
Based on feedback from experts in critical communications it is clear that much work needs to be done to address some of these lingering issues, especially as there are already several pieces of new legislation about to be introduced to EU member states that will have potential repercussions for the sector.
“From an EU standpoint there have been several EU directives developed over the past few years,” says Christophe Calvez, head of security for secure communication at Airbus. “The first one was GDPR [General Data Protection Regulation – which comes into force in May] and we have been taking it into account when designing products. We have also been discussing [it] with our customers to provide them with some support when there are privacy issues.”
Another regulation that comes into force in May is the Network and Information Security (NIS) directive, which applies to critical national infrastructure. “There has been a lot of work in all European countries to define their operators of essential services and what the impact of NIS will be on the infrastructure identified,” says Calvez.
One EU law that could come into play over the next few years is the Cybersecurity Act. “The aim of this act is to propose certification for products and services, and now there is a lot of discussion because within these proposals from the EU there was a proposal to increase the capability of the ENISA [the European Union Agency for Network and Information Security] to manage certification,” explains Calvez. “Now the discussion that is happening between the EU and the industry is to define what is meant by certification, services and products. There has been a lot of discussion around this.”
A problem shared is a problem halved
Discussions have also been ongoing in other critical communication areas to bring about change. Baum says last year BDBOS organised an international meeting with European and American public safety network operators to discuss potential regulatory issues, among other things, and he feels that initiatives like this, which foster a culture of co-operation, are vitally important.
“For critical communication network operators it is essential to be part of a global community,” says Baum. “International standards help push forward first-responders’ communication functionalities to ensure public safety. Because of the fast evolution of technology, there are always new requirements and developments. To be visible and to exchange ideas, objectives and experiences with other operators and especially first-responder organisations is crucial not only for BDBOS, but for the entire global community.”
Similar factors are behind a new initiative from TCCA’s Critical Communications Broadband Group “to identify and map the legal and regulatory obstacles in different countries so that other countries can see, compare and cross-check if the topic is also valid in their situation”, explains Pesonen. Other collaborative efforts are also needed in other areas, according to Emmanuelle Villebrun, lead technical architect of the Réseau Radio du Futur, in the French Ministry of Interior. She says that in the smart cities space, for example, this sort of work has not yet started and initiatives are not co-ordinated.
“In France, we are focusing on broadband for public safety and smart cities for fire brigades as the next step,” says Villebrun. “We need to define relevant working groups and standards on these topics. The lack of standards is also a problem for control rooms and this is a more urgent matter than it is for smart cities.
“The industry has a role to play in helping governments anticipate future technologies and standards so that government can harmonise common development strategies at the international level and then create relevant national regulations. Through working in this way, regulations would be more likely to promote the use of common systems developed in a worldwide ecosystem.”
The problem is that it typically takes a long time to change laws – particularly European or international laws – and many Western democracies hold regular elections that might see changes in political ideologies among governing parties.
But these issues need to be dealt with sooner rather than later, believes Pesonen.
“Now, as we are on the brink of introducing critical broadband services in various countries, it’s high time to identify these issues and address them so we can have them sorted before it really starts hurting field operations as we move from narrowband to broadband,” he says.
However, given the rapid rate of technological innovation and tech adoption in the area of critical communications, this could be easier said than done.
“The world is changing with 4G and cloud services,” says Pesonen. “We are entering an era where new business models are constantly being developed. There are likely to be sensors all around, wearables on the health side, and so on. New possibilities are appearing. Legislation that is in place today was written to regulate things that were known before those innovations were introduced. I believe that in the next few years we will see enormous innovations in PPDR communication. Some of it will be machine to machine, some of it will be related to big data analytics, advanced prediction or other information processing schemes that we don’t even know about yet. It’s quite likely that the legal framework won’t be prepared for these schemes as it is difficult for the law-makers to see into the future.”
Despite these challenges, he says law-makers generally want to drive the best interest of citizens and they recognise the need for change.
“They will make the changes necessary, but the law-making process is intentionally not extremely fast, so laws will not be changing with the wind all the time. It will take a little time for the laws to catch up and I suppose we will just have to respect that,” adds Pesonen.
As well as policy-makers and governments struggling to get up to speed on developing laws that meet modern-day demands, there is also a requirement for an attitudinal shift among the public.
“Everybody quite rightly desires total privacy: the protection of their data and to be left without anybody watching them,” says Thompson. “Nobody wants a Big Brother society, but as soon as there is an issue such as a murder or a terrorist incident, everybody expects and demands the police to get access to all of that CCTV information and mobile phone information that’s out there so they can keep society safe and find the perpetrators. Members of society want to be left alone until something goes wrong, and when something does go wrong they want other people to give up their rights. So we somehow have to find a way to create this delicate balancing act.”
Author: Simon Creasey