Surveillance activities by governments and corporations are at the forefront of information governance concerns. However, these activities extend into many other sectors such as health and social care and are a necessary part of the information society. It is essential that they are conducted in a safe manner. Most implementations involve centralisation of data and activities and a high degree of trust is demanded. However, distributed approaches are possible and could be much safer. An approach is described and briefly evaluated using a study within the health and social care domain.