Understanding how to operate your CCTV system responsibly

The Surveillance Camera Code of Practice, originally published in 2013, provides a set of 12 Guiding Principles for organisations looking to use CCTV to ensure they do not cross over from providing protection and support for individuals and communities to being seen as breaching their human rights, particularly their right to privacy. This Code of Practice is only binding on “relevant authorities” which includes law enforcement authorities, such as the police and local authorities but there has been work since its publication to encourage other organisations to voluntarily comply with the 12 Guiding Principles. 

While the Surveillance Camera Commissioner (SCC)  has stressed that CCTV good practice goes beyond simply data protection many of the requirements laid out in the Guiding Principles are contained within the Data Protection Act 2018 (DPA 2018). This incorporated the General Data Protection Regulation (GDPR) and this law is enforced by the Information Commissioner’s Office (ICO). CCTV Logbook can help you meet best practice compliance and legal obligations if you sign up to our compliance package. We have just released our latest ‘how to’ video showing you how to use the compliance section of the portal which uses a step by step approach based on the 12 Guiding Principles. This video is available on our You Tube channel, to view it click here.

Guiding Principles 1-4 address the development or use of surveillance camera systems. To comply you need to be able to answer the questions, what is the CCTV system for? and, do you review its use? Guiding Principle 1 states that your CCTV system needs to fulfil a “specific purpose” and “meet an identified pressing need”.  It would be expected that you would conduct a review, at least annually, to ensure that the CCTV system continues to fulfil this purpose and need going forward. Your CCTV system may be used for more than one purpose but, if it is, this must be clearly stated.

Guiding Principle 3 states: “There must be as much transparency in the use of a surveillance camera system as possible.” You need to have signage to make it clear that surveillance is taking place and there should have a published point of contact if they have any queries or complaints. There should also be a clear line of responsibility for the CCTV system and staff need to understand their responsibilities. If the CCTV system is in fact fulfilling more than one purpose, there may be more than one line of responsibility and, if so, this must be clearly stated externally and internally must be understood by staff.

Organisations also need to have carried out a privacy impact assessment that is published to ensure that people’s right to privacy is not infringed.

Issues to consider in respect of privacy include the siting of cameras. For example, if the cameras are likely to overlook any areas which people would regard as private such as a neighbour’s garden you would look to avoid this. Internally you also need to consider the placement of cameras in areas that people would expect more privacy such as locker rooms or social areas. To assist CCTV operators to carry out these assessments properly the SCC and ICO have worked together to produce guidance for carrying out a data protection impact assessment on surveillance camera systems.

To find out more about how CCTV Logbook can help you with CCTV management and best practice compliance sign up to a free trial today or contact us.