I agree that there is no expectation of privacy, per se, in a public place, but I don't think that correlates to a low expectation of data protection. Just because I'm in visible in public doesn’t mean images of me should be retained. I think it would be interesting to flip your starting point around and consider whether, just because we have become normalised to it, that means we should accept it now and in the future. For example, I wonder how much existing public space CCTV is actually used to prevent and detect crime (and other offences) and protects public safety. I should say that I haven't researched this, its just a presumption I have that CCTV use is probably excessive.
Your suggestion on DPIAs is an obviously good one, but it has to start from the point of proving that the camera will achieve its aim, not just putting one up because there's an issue and it's what we normally do. How many CCTV cameras could use a review of their effectiveness - has the cameras actually captured any incidents in the last year; does it produce useful images, instead of grainy, out of focus, blurs; does it capture excessive or potentially special category info (is it outside a sexual health clinic, or similar); etc.?
I can't imagine a scenario in which public space CCTV would be based on consent or allow an opt-out (besides simply not going in the area covered by the system), as that would defeat the point of the system - surely your main nominals would opt-out? No-one knows what future technology will be capable of, but in order to apply automatic real-time facial recognition redaction you'd been to identify the subject in the first place - so you'd be processing more personal data than without the redaction system, if you include logs of when and where redaction had taken place, and on whom. Normally, a system (including manual operators) would only identify individuals for the purposes the system operates - i.e. picking out known criminals, monitoring ASB and other potential incidents, etc.
I'm not sure how you mean CoPs and legislation conflict. For example, I've found the surveillance commissioner tools help frame the starting point when looking at CCTV, and I don’t find them incompatible with data protection legislation.
Dan
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Darren Davies
Sent: 16 November 2018 10:00
To: [log in to unmask]
Subject: Re: [data-protection] Very Early Friday Question
Jumping on this late I know but crime prevention CCTV is covered in many conflicting codes of practice and legislation. The basic principle I have found (in my previous life of applying to conduct covert surveillance) is that there is no expectation to privacy in a public place, all of us know that cameras and crime prevention go hand in hand and you cannot avoid being captured on camera in the country with the highest use per square mile. CCTV cameras are in the main obvious and those used for public capture should be accompanied with clear signage or communications on their use. That said now I am in this role I wonder how people could opt in to the use of their personal data being recorded? It is not like they have a choice and can opt out. The skill will be in what is done with the information and how video images are shared, ensuring appropriate redaction. I wonder if in the future CCTV systems will be advanced enough to allow face recognition to block the recording of images on certain subjects. For me CCTV raises more questions that I can currently answer, but a strong and details DPIA at least shows that the concern is on the radar and that steps are being taken or considered.
Regards
Darren Davies | Data Protection Officer
Resources and Commercial | Transformation and Technology
Internal: 6344
External: 020 8736 6344
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Phil Bradshaw
Sent: 14 November 2018 15:49
To: [log in to unmask]
Subject: Re: [data-protection] Very Early Friday Question
I am happy that providing you have done a proper DPIA to ensure that the recording is fair, done with appropriate transparency, and can be fully justified under an Art 6 condition, then the capture of any incidental special category data comes within 9(2)(e). I don't think analysis of the various scenarios is necessary or helps. I can think of others - person has a sudden heart attack or seizure.
That only applies initially to capture. Any further processing over and above that still comes within 9(2)(e) but has to be further assessed to ensure that an Article 6 condition still applies, is still fair and proportionate etc.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The information contained in this e-mail is confidential and is intended for the named recipient(s) only. If you have received this email in error please notify its originator and delete this email immediately. Unauthorised use, disclosure, copying or alteration of this message is strictly forbidden. Views expressed within this email are those of the individual and not necessarily those of Harrow Council.
Harrow Council monitors all electronic mail it receives for Policy compliance and to protect its systems including anti-spam and anti-virus measures. Electronic mail does not guarantee delivery or notification of non-delivery. Contact the intended recipient(s) by other means should confirmation of receipt be important. All traffic may be subject to recording and/or monitoring in accordance with relevant legislation.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|