The algorithmic video surveillance system tested by the SNCF in several stations is attacked before the CNIL. The La Quadrature du Net association announced this Thursday, May 2, that it had filed a complaint with the independent authority responsible for the privacy of the French against this device, called “Prevent PCP”, for detecting abandoned luggage and tracking its owner. via an automated image analysis method.
It was implemented by the SNCF “at least since September 2023 and at least until August 2024” in the Gare du Nord and the Gare de Lyon in Paris and in the Marseille-Saint-Charles station, according to La Quadrature du Net, which presents itself as a defender of fundamental freedoms in the digital environment.
The Olympic Games (JO) law adopted in April 2023 authorizes until March 2025 the use of algorithmic video surveillance (VSA), i.e. cameras equipped with algorithms, in eight specific situations, such as the detection of fire outbreaks, movements of crowds or abandoned objects in order to alert firefighters, police or gendarmes.
But the surveillance techniques used by the SNCF “go beyond the framework of the JO law”, estimated Noémie Levain, lawyer at La Quadrature, during a press conference. The association denounces in particular “particularly intrusive biometric data processing”, with an analysis of people’s clothing, size or gait, even if it does not include facial recognition.
“It’s an automated tracking device where we will be able, with an identification functionality, to follow people throughout the station who have left abandoned luggage,” explained Bastien Le Querrec, also a lawyer at La Quadrature du Net. “We consider this surveillance contrary to European and French law regarding the protection of personal data,” he added.
In its complaint, La Quadrature du Net asks the CNIL (National Commission for Information Technology and Liberties) to monitor the legality of the system, to order the SNCF to stop using it, to delete the data collected and to sanction the SNCF for its alleged violation of the Data Protection Act.
