CCTV and GDPR



CCTV Everywhere
The UK is often cited as being one of the most surveillanced societies in the world. And that’s because CCTV has proven to be very popular amongst UK homeowners, businesses, local authorities and police forces. As a result, the country’s citizens are amongst the most watched in the world. According to the British Security Industry Association (BSIA) there are between 4-5.9 million CCTV cameras in the country. There are 500,000 cameras in London alone!

Your Image and GDPR

For many years, UK regulation over image data was relatively light touch. But all that changed in May via the introduction of the European Union General Data Protection Regulation (GDPR for short). The regulation strengthens the privacy laws governing the data of EU citizens. And this includes any image data which may allow individuals to be personally identified.

Brexit Won’t Matter

But before you think ‘hang on, surely Brexit will change things?’, think again. The UK Government has declared its intent to write GDPR into UK law.

One of the reasons for this is to remove any potential barriers to security post-Brexit that might arise if the UK had an alternative data protection framework. Considering that ‘security’ issues are one of the few areas where it is fervently hoped that close cooperation with the country’s former EU partners will continue, it’s extremely likely this regulation is here to stay.

Employers, CCTV and GDPR

There are many reasons why employers use CCTV, such as to protect assets and to monitor employees. Lawful bases of employee monitoring include crime prevention, preventing employee misconduct and ensuring health and safety compliance.

To comply with GDPR an employer must have a strong, ‘fair use’ reason for the use of CCTV placement. This means putting together a business case to explain why the images are being collected, one that must also illustrate how the information will be stored and when it will be disposed of.

If CCTV is being installed for any purpose by employers then GDPR requirements must now be at forefront of all considerations. The rights of employees, customers and other parties should be addressed, keeping in mind that monitoring is only permissible if there is a lawful basis for doing so.

Data Storage
Any personal data collected by employers must be used and kept only to fulfil its original purpose. For instance, if an employee has been filmed because of suspected criminal activity, the footage should reflect this.
Any data captured on CCTV can be retained for 30 days in total (although this can be kept longer if needed, following a risk assessment). One justifiable reason for an extension in the example above, would be because the police wanted to use the footage.

Encryption And Safety

CCTV recordings and other logs must be stored securely and encrypted wherever possible. When connected to the Internet or the cloud, CCTV systems are open to cyber-attacks. The security of the data held can be improved by limiting direct access and having systems in place to prevent online attacks.

Access to Data

Any individuals that have been identifiably caught on film have the right to request a copy of the employers CCTV footage. If the request is valid, the business involved must supply that footage within 30 days.

Show Them What You’re Doing

https://www.youtube.com/watch?time_continue=4&v=smYusuH_p-g

‘As part of a business's’ obligation under the legislation you must tell people that you are taking their personal data. The most effective way of doing this is by using prominently placed signs in any area covered by CCTV. This should be at the entrance to the area, as well as within’ Danny Adamson, Managing Director of signage makers, Stocksigns Group, recently told  Facilities Management Journal.

Signs Checklist

  1. All signs need to be clear and legible. There can be no confusion
  2. Signs should explain why the cameras are there
  3. They should also contain information about who is operating them and who to contact with a query
  4. Equally, those responsible for the CCTV operation should be aware of what to do in the event of a query
  5. Signs should be an appropriate in size. If a sign is deemed deliberately small (i.e. it was meant to viewed from a road but was tiny) then you could be seen as being in breach of your responsibilities

Penalties For Breaking the Rules

Failure to do any of the the above could result in investigation and fines. The GDPR rules have introduced, new, strict penalties where the personal data protection standards are not met. Businesses can now be fined up to €20 million or 4 per cent of turnover (whichever is the highest) if proven to have breached the rules.

Posted by

7 comments:

  1. Nellie Morrison12 October 2019 at 08:11

    I was getting bore since morning but as soon as I got this link & reached at this blog, I turned into fresh and also joyful too.
    Security Companies

    ReplyDelete
  2. Lauren Chevalier20 August 2020 at 08:35

    I agree. You have made the nice blogs with the great info in the contents.
    more

    ReplyDelete
  3. Brazilian knives24 October 2020 at 12:06

    The team has an acute awareness of the metalab design project and is dedicated to its success, even working on weekends.

    ReplyDelete
  4. David Martin8 December 2020 at 08:53

    This so super post Creative Testing With Statistical Significance.Such a very useful article. Very interesting to read this article. I would like to thank you for the efforts you had made for writing this awesome article.Thank you for sharing excellent information. Your website is so cool. I am impressed by the details that you have on this website. It reveals how nicely you understand this subject.

    For more information visit site :- Roku.com/link
    Cash App Login
    ij.start.cannon
    Computer Repair
    123.hp.com/setup
    192.168.l.l

    ReplyDelete
  5. Unknown11 December 2020 at 10:50

    PayPal needs no introduction as a lot of people across the globe uses it for carrying out day-to-day transactions. It not only reduces the hurdle of paying in cash but also gives the users an opportunity to make instant payments on the go. Yes, you guessed that right! PayPal is a peer-to-peer money transferring platform as well as you can do online shopping with it.

    For more information visit site :- Paypal Login

    ReplyDelete
  6. David Martin31 December 2020 at 07:30

    My TV is an Amazon program that offers a simple interface to the My TV service through Amazon's own websites and software programs. As previously noted, the program uses a simple web interface which enables the user to watch various television stations in the United States and Canada.

    For more information visit site :- www.amazon.com/mytv

    ReplyDelete
  7. Unknown9 January 2021 at 06:12


    Nice and well explained blog. Thanks for sharing these amazing thoughts
    PayPal Login
    Garmin Express

    ReplyDelete

Subscribe to: Post Comments (Atom)