ICO Logo

CCTV & The Data Protection Act – Business CCTV Explained

By Jonathan Ratcliffe

Any business which uses a CCTV system for security or monitoring purposes needs to be aware of its legal obligations. As a collector of data (the recorded images from a camera system), organisations automatically fall under the provisions of both the Data Protection Act and the Human Rights Acts. In the case of the Human Rights Act, the ... Read more

Any business which uses a CCTV system for security or monitoring purposes needs to be aware of its legal obligations.

As a collector of data (the recorded images from a camera system), organisations automatically fall under the provisions of both the Data Protection Act and the Human Rights Acts.

In the case of the Human Rights Act, the provisions are fairly simple: All people – and that includes employees, customers or visitors – have a right to privacy. That doesn’t mean that an employer can’t point a CCTV system at his or her employees.

The right to privacy means a reasonable expectation not to be watched just for the sake of watching them.

For example, a camera above the doors to the staff toilets to monitor usage will almost certainly invade privacy (and we have known that to happen). A camera to monitor safety or prevent theft does not, in most circumstances, invade privacy.

For the Data Protection Act, the Office of the Information Commissioner (ICO) has a number of useful guides to guide businesses and organisations through the minefield of storing images.

The ICO makes it perfectly clear what you can – and cannot – use your CCTV’s recorded images for. Most importantly, the ICO says that:

  1. security camera footage can only be used for that single purpose
  2. should not be retained for longer than reasonably practical. In practice, most organisations destroy recorded footage after a week, and computerised servers can be set to do this automatically.

The Act makes it clear that you can’t use recorded images for any other reason, unless you have the firm written agreement of the data subject (the person or people recorded in your footage). Passing footage of criminal activity to the police is exempt from this condition, as this is the primary purpose of a security camera and recording facility.

The Act says: “Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.”

As long as a CCTV system is used lawfully as a recording system to protect lawful property, then a business owner need have no concerns. Spying on staff, or selling footage falls outside that legal purpose.

In virtually all cases, CCTV usage for business security need have nothing to fear from the law.

Photo of author
BY Jonathan Ratcliffe

Jonathan manages Marketing at CCTV.co.uk - with over 15 years experience in CCTV Installation - he writes as an Expert in CCTV Systems, News, Crime Rate Analysis and other FAQs

View all News posts
Free Quote

Complete the form if you would like a free no-obligation quote for CCTV installation.

Free Quote within 24 hours

Friendly advice 0800 211 8310

Nationwide CCTV Installation

Professional Local Installers

Full HD Recording

"*" indicates required fields

Home Call Quote Email