18:16 14 November 2017
Because CCTV systems have been lightly regulated until now, many organisations are at risk of breaching the General Data Protection Regulation (GDPR) because they are not aware that it covers their CCTV systems and the visual data they collect, Andrew Charlesworth, Reader in IT Law at the University of Bristol, has said.
Charlesworth cites a dispute earlier this year between two householders in Scotland where one recorded and stored data covering the other’s private property and from which they could be identified. The offending party was fined £17,000 for distress caused.
“Changing technology created the need for the GDPR, altering both the data protection environment and public perceptions of what constitutes acceptable data processing,” explains Charlesworth. “From May all CCTV operators will have to be proactive in assessing, improving and ‘evergreening’ their compliance efforts – tickbox compliance will no longer be sufficient. However, GDPR provides a significant opportunity to enhance the industry’s public image as a valued and trusted service, rather than an unaccountable and privacy invasive ‘eye in the sky’.
He added: “The judge’s final comments in the case of Woolley v Akbar are telling – the default position is that any professional (individual or organisation) setting up a surveillance system will be aware of the potential impact of their activities on data subjects, and be familiar with the application of relevant law and guidance.”
Disclaimer: Supanet is not responsible for, and disclaims any and all liability for the content of comments written by contributors to this website