Whether you are looking to simply maintain your existing CCTV system or wish to upgrade with a design to both effectively provide deterrence and record key images, SECLEC are here to help you.
With our ability to design effectively, having regard to meeting each of your objectives, and our knowledge of the ever-changing CCTV market, we are happy to meet and listen carefully to you and take you from the initial brief, through the design process and on to a successful installation.
We are also able to guide you on your obligations, once the system is installed.
The Data Protection Act 2018 (“DPA”) updates UK data protection laws, gives effect to the European Union’s General Data Protection Regulations and, importantly, provides guidelines covering most uses of CCTV in the UK.
The DPA furnishes each of us with the right to see information held about each of us and this includes CCTV images which obtain information about any individual: this includes each of us personally and extends to indirect information, such as car number plates.
This means that to avoid breaching the DPA, CCTV operators must follow a set of rules when they gather, store and release CCTV images of individuals. It is the Office of the Information Commissioner who may enforce these rules.
Such rules are furnished within the grounding eight principles of the DPA: they provide that the information obtained must be:
- Fairly and lawfully processed.
- Processed for limited purposes.
- Adequate, relevant and not excessive.
- Not kept for longer than is necessary.
- Processed in line with your rights.
- Not transferred to other countries without adequate protection.
So, what does this mean to us? Well, if your business uses CCTV, you are obliged to make it clear to people that may be recorded.
The most common way of doing so is to display signs that must be clearly visible and readable. And, if it is not obvious, the details of the organisation operating the system must also be clearly provided.
The Information Commissioner’s Office (“ICO”) states that someone in any organisation relying on this technology should be the nominated CCTV Operator and must:
- Be responsible for the CCTV images: deciding what is recorded, how images should be used and who they should be disclosed to.
- Have clear procedures on how to use the system and when to disclose information.
- Make regular checks to ensure the procedures are followed.
With regards to the disclosure of CCTV images, anyone has the right to ask to see images of them. This is called a Subject Access Request and should provide details to help the operator establish your identity. It is permitted to charge up to £10.00 to deal with such a request.
There are further rules furnished by the ICO:
- CCTV operators are not allowed to disclose images of identifiable people to the media – or to put them on the internet – for entertainment. Images released to the media to help identify a person are usually disclosed by the police.
- An organisation may need to disclose CCTV images for legal reasons – for example, crime detection. Once they have given the images to another organisation, then that organisation must adhere to the Data Protection Act in their handling of the images.
- Public authorities are subject to the Freedom of Information Act 2000, or the Freedom of Information (Scotland) Act 2000. This Act allows members of the public to request official information by writing to the public authority, who must respond within 20 working days. If the images are those of the person making the request, then the request would be handled under the Data Protection Act as a Subject Access Request. If, however, other people are identifiable in the CCTV pictures, then the images would be considered personal information and it is likely they would be exempt from the Freedom of Information Act.
If you have any queries on your CCTV system, whether of a technical nature or in relation to your obligations to the public, please feel free to contact us.