Review and written approval by the designated campus authority must occur before the installation and operation of video and electronic surveillance systems and devices. Such review and prior written approval is required for:

•  New surveillance installations
• Updates to existing installations (see below)
• Operator access to systems and surveillance information
• Special case implementations, including systems that monitor or record residential hallways, residential lounges, or the insides of campus daycare facilities; and non-operator access to surveillance information

Video and electronic surveillance systems shall not be used to record audio unless prior approval is obtained from the Chief Privacy Officer and the Office of the General Counsel, in addition to normal DCA approval set forth above.

Requests for installation of a new or an update to an existing video and electronic surveillance system shall be submitted to the designated campus authority in a form that provides all the information required for the inventory and documentation of systems as outlined in this policy.

System changes that have potential privacy implications (changes in how surveillance information will be reviewed or used, changes in the nature of the physical space that impact personal privacy, change in location or field of view of camera, etc.) must be re-approved.

Exceptions to the prior review and written approval process may be made in the event of an emergency or other imminent situation or threat to the safety and security of the university community. In such circumstances, the campus Chief of Police shall make all reasonable efforts to obtain oral approval from the designated campus authority prior to deployment of the video and electronic surveillance system, and obtain written approval as soon as possible thereafter, but no later than two business days after installation. If subsequent approval is not obtained within the time specified above, the system shall be dismantled.

Approval, installation and use of electronic surveillance systems for public safety or security purposes shall be done in consultation with the campus Chief of Police.

The designated campus authority will maintain a master inventory and associated documentation of all existing and approved video and electronic surveillance systems, equipment, and authorizations. Inventories, as well as all requests to install a new surveillance system, must include:

• Name of DCA and review/approval date
• Name and contact information of the person requesting the installation and/or approval of the video and electronic surveillance system
• List of operators (by name or by position) who will have access to the video and electronic surveillance system and associated surveillance information
• Purpose and justification for the video and electronic surveillance system, consistent with the permitted uses of this policy
• Explanation of how the surveillance information may be reviewed and/or used
• Measures that have been taken to minimize the impact on personal privacy
• Assertion that the planned installation and operation of the video and electronic surveillance system shall comply with applicable law and this policy
• Nature of the physical space in which surveillance will occur and of the activities reasonably likely to be captured by the video and electronic surveillance system
• Implementation details, including: Physical location of installation, field of view of the camera(s) or range of the microphone(s), capabilities of the camera(s) (video, audio, pan, tilt, zoom, etc.) or microphone(s), and where and how long the surveillance information will be stored and retained, in accordance with this policy.

The designated campus authority will review system inventories annually. The review may be performed by evaluating paper documentation, electronic systems, or physical inspection.

Video surveillance systems installation, administration, and management will be centralized (either university-wide or per-campus) and coordinated by the Superintendent of Public Safety, campus Chief of Police, and the University Chief Security Officer. Exceptions to the centralized systems will be extremely rare, and only with prior approval of the DCA.

Operator requirements:

• Training on technical, legal, and ethical use
• Written acknowledgement that they have read and understand this policy
• Performance of duties in accordance with this policy
• Will access surveillance information only to the extent permitted by this policy
• Operator prohibitions – they may not:
  • Monitor individuals based on characteristics of race, gender, ethnicity, sexual orientation, or disability
  • Monitor intimate behavior
  • View or record the interior of residential rooms through windows, doors, or other means
  • Duplicate or permit access to others to surveillance information except as specifically permitted by this policy
  • View, record, access or otherwise use a video and electronic surveillance system or surveillance information in any manner that is inconsistent with this policy and/or outside the scope of the usage approved by the designated campus authority

Operators shall be provided with appropriate work facilities so the surveillance information they are required to review cannot be heard or viewed by unauthorized persons.

The DCA will review and approve requests for operator access to video and electronic surveillance systems. All requests must include:

• Name of DCA and review/approval date
• Name and contact information of the person(s) requesting operator access
• Type of access being requested (computer system administrator, surveillance software administrator, surveillance installation technician, access to monitored or recorded images, etc.)
• Purpose and justification for the access, consistent with the permitted uses of this policy
• Explanation of how the surveillance information may be reviewed and/or used
• Assertion that the operator(s) shall comply with applicable law and this policy
• List of which systems, cameras, or devices the operator is requesting access to

The DCA will review operator access privileges annually, to ensure continued access is necessary.

Surveillance information must be stored in a secure location and configured to prevent unauthorized access, modification, duplication, or destruction.

Surveillance information will be kept for no longer than 60 days unless requested in writing by the Office of General Counsel or the campus chancellor or provost. Surveillance information shall be destroyed in a secure manner as soon as the retention period expires. This destruction shall be achieved by using a product or products that have erase or wiping capabilities that meet or exceed the guidance provided by the IU Information Security Office in "Securely Removing Data."

The Office of General Counsel or the campus chancellor or provost may request in writing to the DCA that surveillance information be retained longer than 60 days. This preservation may only occur:

• Upon receiving credible notification of a university or law enforcement investigation for alleged illegal activity or violations of university policy
  • Upon receiving notice from the Office of General Counsel that such copying and storage is otherwise needed to comply with legal obligations to preserve materials
  • Upon receiving authorization from the campus chancellor or provost indicating that such preservation reasonably appears necessary to protect university operations
  • Where there is a reasonable belief that the surveillance information may relate to illegal activity or violations of university policy that have occurred, are occurring, or are imminently about to occur
  • Where the surveillance information have historical significance (e.g., new building construction)

The DCA shall receive, document and store the written preservation request and ensure the preservation occurs in an efficient and effective manner. Access to such copies and stored materials will be in accordance with this policy.

Preserved materials must be destroyed in a secure manner as soon as they are no longer needed for the purpose for which they were preserved, and their destruction shall be reported to the designated campus authority and documented. This destruction shall be achieved by using a product or products that have erase or wiping capabilities that meet or exceed the guidance provided by the IU Information Security Office in "Securely Removing Data."

Surveillance information shall only be released to non-operators under one or more of the following circumstances:

• Public convenience: The surveillance information are being captured for public convenience purposes (e.g., cameras that monitor or record building construction, traffic, weather), as described and approved in the system's inventory and documentation.
• Explicit consent: The individual(s) depicted in the surveillance information provides explicit consent to the release.
• Internal requests: All requests for access to surveillance information from members of the university community must be reviewed and approved by the DCA, in consultation with the Office of General Counsel, the Superintendent of Public Safety, the University Chief Security Officer, and the Chief Privacy Officer, upon a showing of a legitimate need for such access consistent with the purposes of this policy.
• Legal or external requests:All legal requests or demands for access to surveillance information, including all requests under the Indiana Access to Public Records Act and all subpoenas, warrants, court orders, and other legal documents directing that access be afforded to external law enforcement agencies or others, must be delivered immediately to the Office of General Counsel. Should such open records requests or legal documents be served on other persons, the documents must be sent immediately to the Office of General Counsel for review. Counsel will review the request or order and advise the relevant personnel on the necessary response. If a law enforcement agency seeks to execute a search warrant or other order to immediately access or obtain surveillance information and indicates they will not wait for review by the Office of General Counsel, individuals receiving such orders should not obstruct the execution of the warrant or order but should document the actions by law enforcement, notify the Office of General Counsel as soon as possible, and take reasonable steps whenever possible to preserve a copy of any surveillance information being removed, for appropriate university use.

The appropriate DCA shall receive, document, and store each request for and approval of the release of surveillance information, and ensure that such requests are managed in an efficient and effective manner. Access to such surveillance information, their copies, or related stored materials shall be in accordance with this policy. Surveillance information shall be destroyed in a secure manner as soon as they are no longer needed for the purpose for which they were provided, and their destruction shall be reported to the designated campus authority and documented. This destruction shall be achieved by using a product or products that have erase or wiping capabilities that meet or exceed the guidance provided by the IU Information Security Office in "Securely Removing Data".

Unauthorized access to, inadequate protection of, and inappropriate use, disclosure, and/or disposal of surveillance information must be reported immediately as outlined in "Information and Information Technology Incident Response Procedures".

Surveillance information may be accessed or otherwise used by authorized operators only when necessary for:

• Maintenance of public safety and security
• The investigation or prosecution of illegal activity or violation of university policy
• Compliance with legal obligations to preserve, release, or otherwise use surveillance information
• The efficient and effective operation of a university unit, and then only for surveillance information captured using Operational Effectiveness Systems.

Access to and use of such materials shall be in accordance with this policy.

Signs may accompany video and electronic surveillance systems. The DCA -- in consultation with the Superintendent of Public Safety, the campus Chief of Police, the University Chief Security Officer, and/or the University Chief Privacy Officer -- will determine when signs are appropriate. When used, posted signs shall read "This area may be subject to electronic surveillance. Surveillance devices are not actively monitored." 

The University Chief Privacy Officer may be consulted for advice on appropriate notice for privacy purposes.

The University Chief Security Officer or Internal Audit may audit the designated campus authority and surveillance operators for compliance with this policy.

Review and written approval by the designated campus authority must occur before the installation and operation of surveillance systems and devices. The DCA will maintain a master inventory and associated documentation of all existing and approved video and electronic surveillance systems, equipment, and authorizations, in addition to the following:

• Receive, review, approve, document, and store requests for new surveillance installations and updates to existing installations
• Maintain a master inventory of all surveillance systems and equipment
• Conduct an annual review of surveillance system and equipment inventories (ensure no unapproved devices exist, ensured approved devices still active, etc.)

There are a few "special case" scenarios that require approval and/or consultation with other individuals in addition to the DCA:

• Surveillance systems that record audio require the approval of the Chief Privacy Officer, the Office of General Counsel, *and* the DCA (all three)
• Surveillance systems or devices installed OUTSIDE OF the central university-wide surveillance system require the approval of the Chief Security Officer *and* the DCA (both)
• Surveillance systems that monitor or record residential hallways, residential lounges, or the insides of campus daycare facilities require consultation with the Superintendent of Public Safety, the Chief Security Officer, the Chief Privacy Officer, and the Office of General Counsel (all four)
• When surveillance systems are in areas where individuals should be provided "notice" via signs, such as systems deployed for operational effectiveness purposes, the Superintendent of Public Safety, Campus Chief of Police, Chief Security Officer, and/or Chief Privacy Officer can help determine if signs are appropriate

Surveillance systems shall be installed and operated by a limited number of authorized operators who demonstrate a legitimate need for such access and are appropriately trained and supervised in the responsible use of these systems. The DCA will review and approve requests for operator access to video and electronic surveillance systems. The DCA also will:

• Receive, review, approve, document, and store requests for operator access
• Ensure operators receive the appropriate training on the technical, legal, and ethical use of surveillance systems and information
• Maintain a master list of all operator access request authorizations
• Conduct an annual review of those having operator access (who has access, last time access was used, etc.)

Surveillance information will be kept for no longer than the time period stipulated by policy unless the DCA receives a written request from either the Office of General Counsel or the campus chancellor or provost. Upon receiving such a request, the DCA shall:

• Ensure the preservation request is approved by chancellor, provost or legal counsel
• Receive, process, document, and store the written preservation request
• Ensure the preservation occurs in an efficient and effective manner
• Interact with operators to carry out the preservation
• Ensure preserved materials are destroyed in a secure manner as soon as they are no longer needed for the purpose for which they were preserved
• Document the destruction of preserved materials

Surveillance information can only be released to non-operators under specific circumstances. The most common circumstances are internal requests from university community members, external requests from non-community members, and legal requests. 
The DCA must take the following steps for internal requests:

• Receive, review, approve, process, document and store the written request
• Consult with the Office of General Counsel, Superintendent of Public Safety, Chief Security Officer, *and* the Chief Privacy Officer (all four)
• Ensure the release occurs in an efficient and effective manner
• Interact with operators to carry out the release of information
• Ensure the released materials are destroyed in a secure manner as soon as they are no longer needed for the purpose for which they were released
• Document the destruction of released materials

The Office of General Counsel must approve all external and legal requests for the release of surveillance information. The DCA authority shall:

• receive, process, document, and store the written release request from the Office of General Counsel
• Ensure the release request occurs in an efficient and effective manner
• Interact with operators to carry out the release of information
• Ensure the released materials are destroyed in a secure manner as soon as they are no longer needed for the purpose for which they were released
• Document the destruction of released materials

Unauthorized access to, inadequate protection of, and inappropriate use, disclosure, and/or disposal of surveillance information must be reported immediately. In the event of such an incident, the DCA must:

• Immediately notify university administration as outlined in "Information and Information Technology Incident Response Procedures"

The University Chief Security Officer or Internal Audit may audit the DCA and surveillance operators for compliance with this policy. The designated campus authority shall:

• Facilitate all compliance audits as requested by the University Chief Security Officer or Internal Audit