Camera-related state law

Connecticut has split consent rules. CGS 53a-189 (eavesdropping) covers intentional unauthorized recording of in-person oral communications and is generally interpreted as one-party consent for in-person audio. CGS 52-570d covers telephonic interception and imposes a two-party (all-party) notice or consent requirement for civil liability purposes. The split makes audio capture in CT operationally complex.

Video-only surveillance of common areas with posted notice is generally lawful. CGS 53a-189a (voyeurism) reaches hidden cameras in places where privacy is reasonably expected. Posted notice at the entrance is the industry standard.

Practical translation. Commercial CT camera installs default to video-only on the cameras and route audio capture through a separate documented intercom or call-recording workflow with all-party notice on telephonic capture.

Alarm and electronic security licensing (DESPP)

The Connecticut Department of Emergency Services and Public Protection (DESPP) licenses alarm and electronic security business and individual installers under CGS Chapter 533a (53-419 et seq.) and related regulations. Companies installing burglar, fire, or electronic security alarm systems for compensation must hold a current state license, and individual installers performing covered work must meet the qualification rules. Buyers can verify a license at portal.ct.gov/despp.

Biometric data and the CTDPA

The Connecticut Data Privacy Act (CGS 42-515 et seq.) took effect July 1, 2023. CTDPA applies to controllers conducting business in Connecticut or producing products targeted to Connecticut residents above defined thresholds (100,000 consumers, or 25,000 consumers and 25 percent of gross revenue from sale of personal data). The Act classifies biometric data as sensitive data and requires consent before processing.

For commercial security buyers, the practical reach is fingerprint and facial-recognition access control and any AI camera that builds a faceprint template. CTDPA compliance requires consent, privacy notice, consumer-rights handling, and a data protection assessment for sensitive processing. Enforcement is by the Connecticut Attorney General; there is no private right of action.

Workplace electronic monitoring (CGS 31-48d)

CGS 31-48d requires Connecticut employers engaged in electronic monitoring to give prior written notice to employees of the types of monitoring used. The notice must be posted in a conspicuous place and provided to each employee. The statute is a real workplace-surveillance disclosure rule with documented enforcement actions; this is not advisory guidance.

Most CT employers fold cameras, badge access, and call recording into one combined surveillance notice in the employee handbook. The 31-48d notice is typically included in the new-hire packet and posted at break-room boards.

Cannabis surveillance (DCP)

The Connecticut Department of Consumer Protection regulates the adult-use and medical cannabis programs and publishes camera coverage and retention rules under Conn. Agencies Regs. 21a-421e et seq. Pull the current text before designing the install. Most CT licensed operators retain at least the DCP minimum and configure VMS retention with a buffer.

Video retention requirements

  • Cannabis. DCP rules at 21a-421e set retention. Pull the current text before designing the install.
  • Healthcare. HIPAA Security Rule (45 CFR Part 164) governs PHI-touching footage.
  • Retail and hospitality. PCI-DSS Requirement 9 specifies 90-day retention for the cardholder data environment.
  • Federal contractors. NDAA Section 889 controls vendor selection. Connecticut hosts a substantial defense-industry contractor base (Pratt & Whitney, Sikorsky, Electric Boat).
  • Schools. FERPA reach for K-12 districts and higher education.

Default retention for CT commercial systems with no specific industry rule is 30 days.

What Tec-Tel does to comply with Connecticut regulations

  • Video-only on cameras unless audio is documented with the layered consent rules under CGS 53a-189 and 52-570d.
  • Posted surveillance notice at every public entrance.
  • No cameras in restrooms, locker rooms, dressing rooms, or any space where privacy is reasonably expected.
  • CGS 31-48d electronic monitoring written notice template added to the install package for employer customers.
  • CTDPA consent and notice language coordinated with the customer's privacy team for any biometric capture.
  • Retention configured to the regime that governs the industry (HIPAA, PCI, DCP, NDAA).
  • NDAA Section 889-compliant vendor selection on federal-touching installs.
  • DESPP-licensed alarm contractor work where the install scope triggers CGS Chapter 533a.

This is a buyer-facing reference, not legal advice.

Security service in Connecticut

Tec-Tel deploys AI-era security across Connecticut with one accountable project manager owning design, install, and service to one standard. The cities below have local service detail, deal sizing, and a free consultation. Don't see yours? We cover the whole state.

Or browse the full city directory and nationwide coverage map.