CCTV Security Systems have become a very common part of business premises security. If you’re looking for a security CCTV quotation, you may think that it all comes down to a simple case of price and the quality of the equipment, but there is a great deal more to consider. Before Securus (UK) Ltd will be able to give you a detailed and comprehensive security CCTV quotation, as well as all the logistical considerations, there are also the legal aspects of CCTV use for business to be thought about.
For example, business owners are often unclear about questions such as ‘where can CCTV be installed?’ or ‘what is the law on CCTV use?’
The answers to these questions are primarily governed by two pieces of legislation; The Data Protection Act of 1998 and The Human Rights Act. Simply put, if you are planning on installing and using a CCTV Security System you have a legal obligation to follow the Data Protection Act, and must act in accordance with all relevant Human Rights and Privacy Laws.
So, before getting to the stage of actually looking for a security CCTV quotation, here are some things to consider:
- The Information Commissioner’s Office (ICO) has a comprehensive website that contains all the relative information that you need to know in order to stay within the law. The information is clear and easily digestible, and there is a handy Code of Practice here: https://ico.org.uk/media/for-organisations/documents/1542/cctv-code-of-practice.pdf
- All new business systems need to be registered with ICO, the cost of registration is currently £35 per year providing your turnover is less than £25.9 million.
- The law requires that a business document why they have decided to install CCTV (ie, what is the purpose of the system?) and what measures they will be putting in place to protect the data (ie, the image recordings).
- There must be adequate signage showing people clearly that they are entering an area covered by CCTV and informing them who is in control of the CCTV system and the data it holds.
- Businesses need to be clear that the data must be kept safe, and must not disclosed to the public. Whilst recordings of incidents may need to be given to the police or law enforcement agencies, they must not be given to members of the public without a suitable ‘Right of Access’ request. Such a ‘Right of Access’ allows an individual (or individuals) who have good reason to submit a form and a £10 fee, to see images of themselves caught on a CCTV system. When a business receives such a request, they have a legal responsibility to respond within 40 days.
- Consideration should also be given to the length of time that recordings will be kept. Although hard drive space may allow a company to keep recordings for several months, this may not be necessary. Generally, the guidance is to try and have the recordings kept for the minimum time possible to allow them to be used effectively, in the UK the time scale for keeping stored CCTV images is generally one month, but it could be shorter.
- Businesses should make sure that their staff are fully aware of CCTV being used on the premises, and for obvious reasons CCTV should not be installed where privacy could be compromised, for example in changing rooms or toilets.
And if you think that this is one of those ‘grey’ areas, where despite CCTV legislation and government bodies, no-one is ‘really’ paying too much attention, then think again:
From the news on the Information Commissioner’s Office (ICO) website on February 2nd 2017: “Businesses could face fines for ignoring CCTV data protection law”
A business owner was recently prosecuted for failing to register with the ICO because she was using in-store CCTV. On 1st February 2017 he business owner pleaded guilty to the offence under section 17 of the Data Protection Act at Coventry Magistrates’ Court. She was fined £200, ordered to pay £439.28 prosecution costs and a £20 victim surcharge.
The defendant had been operating security CCTV cameras as part of her business premises licence, but claimed she didn’t realise that this meant she had to register with the Information Commissioner’s Office. The annual fee for most businesses to register is £35. The defendant had also not responded to repeated warning letters from the regulator informing her she was acting in breach of the Act.
Head of ICO Enforcement, Steve Eckersley said:
“The message here is simple, if you are a business operating CCTV cameras you must be registered with the ICO.
Business owners need to be aware of their obligations when dealing with people’s personal data and this includes footage from CCTV cameras.
Being ignorant of the law and the regulator is no excuse; you could end up spending a day in court and receiving a fine, as well as suffering reputational damage to your business. This could all be avoided with some due care and attention.”