GDPR and CCTV
Posted on 27th June 2022
Did you know that the general data protection regulation in the UK or GDPR-UK affects CCTV systems?
Here are some things you should know about CCTV data compliance, so you know just how seriously we take data protection.
Why do CCTV systems need to comply with GDPR?
GDPR is all about protecting personal information. It covers the information you hold about people, how you process it, and how you keep it safe. By capturing an image of someone using CCTV you are holding personal data about them.
However, this is not new. The Data Protection Act, which was replaced by GDPR, also covered the use of CCTV systems.
Both fixed and mobile cameras are becoming common in our everyday lives and many homeowners and businesses now use them as an affordable option for better security. This might include smart doorbells and wireless cameras, for example.
More traditional closed circuit television (CCTV) also continues to evolve and now some even use artificial intelligence (AI) based surveillance systems to process more sensitive types of personal data.
Some systems also use connected databases such as Automatic Number Plate Recognition (ANPR) or Facial Recognition Technology (FRT) for security in public spaces, for crime prevention or other specified purposes.
If you are planning to match data from different systems you will need to make sure the information you are collecting is:
accurate
not excessive
used only for defined purposes
only used when necessary
used proportionately throughout the lifecycle of the processing.
Should we stop using CCTV because of GDPR?
No, GDPR simply means the way we collect and hold information about people must be fair and reasonable.
If you’re using CCTV for your business, GDPR applies to you. Whatever type of premises or business you run you will need to comply with the regulations. If you use CCTV at home GDPR will only apply to you if you also run your business from home.
What to do if you have a CCTV system
You must make sure that wireless signals are encrypted to prevent them from being intercepted by someone else. Systems that transmit images over the internet will also need some type of authentication, such as a username and secure password, to enable access.
You will also need to think about how your information is stored and whether it is accessible to anyone else. If your data is held on a hard-drive at your premises, for example, is it locked away in a secure location? Most modern CCTV systems store video in an encrypted format to prevent unauthorised access.
What happens if you don’t comply?
If your CCTV system doesn’t comply with GDPR you can face significant fines from the Information Commissioner’s Office (ICO).
Share this post: