HRAWI denounces controversial AI-driven CCTV requirement

The Hotel And Restaurant Association (Western India) – HRAWI has raised objections to the Maharashtra Government’s recent directive mandating AI-based CCTV systems at licensed hospitality establishments. The directive requires establishments to install advanced CCTV surveillance capable of real-time AI and machine-learning monitoring at entry points, a move the Association views as excessive, costly and intrusive without a proven efficacy for enhancing public safety.

The Association has submitted a representation to the Chief Secretary, Government of Maharashtra – Smt. Sujata Saunik pointing out that the order has been issued without any consultation with the affected industry and the same is unreasonable, arbitrary and seeks to impose onerous burden, financial and otherwise on hotels and restaurants. HRAWI has stated its willingness to participate and suggest alternative ways of dealing with the security apprehensions of the State, if any in order to avoid the implementation of the draconian intrusive CCTV order.

“This is a significant privacy concern, especially for celebrity and VIP guests. Patrons come to our establishments for leisure and private business. These are unguarded moments that they spend with their family and friends. Videotapes of such moments, data storage and transmission involved present cybersecurity risks, including exposure to ransomware or hacking and exposing hotels and restaurants to data privacy and data security. The order is silent on liability issues for any breaches. The CCTV order also infringes on the privacy rights of patrons and could negatively impact hospitality businesses, as customers visit hotels and restaurants to relax in private settings. The mandated surveillance, including live feeds, real-time alerts and stored footage, could drive customers away, undermining the core of the hospitality experience,” says Pradeep Shetty, Honorary Secretary, HRAWI.

“We respect the intent to boost security, but the mandate is an unprecedented financial imposition. With installation costs estimated to be in excess of Rs.5 lakhs per establishment with an additional Rs.75,000/- as yearly maintenance cost that excludes twenty-four hours high speed internet and two TB storage, this requirement is simply unaffordable for many small and medium businesses. Security being a state subject, the cost of such an expensive and complicated system should be borne by the State,” says Chetan Mehta, Vice President, HRAWI.

HRAWI further highlighted the unworkability and overreach of the order. The Association has argued that most of its members already maintain CCTV for security, which can be accessed by authorities as needed.

“Real-time AI monitoring is unmanageable and impractical, especially given the high volume of data that would be generated across establishments. The imposition of the order suffers from unworkability in terms of utility of the live feed data from more than 5000 establishments in Mumbai alone. It would be humanly impossible to watch and analyse the data except for under circumstances that are post facto, for which a static CCTV footage stored data is sufficient. The face recognition requirement too is unrealistic for verifying underage patrons or criminals. The regulation is an excessive and impractical measure that neither enhances security nor ensures timely closure of establishments,” says Nirav Gandhi, Senior Vice President, HRAWI.

HRAWI has also pointed out that the application of the order itself comes with potential legal and ethical issues surrounding data security and customer privacy.

The Association favours non-intrusive security measures as more appropriate, as the current order risks creating a “Big Brother or Police State” atmosphere that is detrimental to customer trust and business viability.

“Privacy is a fundamental right. The mandated storage of customer data raises significant concerns, potentially breaching the Digital Personal Data Protection Act, 2023, which requires customer consent for data use and the right to be forgotten. Even assuming that the said order seeks to enhance security such extensive monitoring and data handling should only be sanctioned by legislation, not through an executive order. Under the circumstances, we request the State to consider our objections and concerns and defer the implementation of the order pending addressing all concerns of the hospitality industry,” concludes Shetty.