1 / 38

Designing Smart Cities Conference University of Strathclyde, Glasgow 31 st March 2015

Designing Smart Cities Conference University of Strathclyde, Glasgow 31 st March 2015 “Regulating Smart Cities: Policing & Privacy” Paul Mackie Chief Executive and Compliance Director CameraWatch compliance@camerawatch.org.uk www.camerawatch.org.uk. What is CameraWatch?.

archiebailey
Download Presentation

Designing Smart Cities Conference University of Strathclyde, Glasgow 31 st March 2015

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Designing Smart Cities Conference University of Strathclyde, Glasgow 31st March 2015 “Regulating Smart Cities: Policing & Privacy” Paul Mackie Chief Executive and Compliance Director CameraWatch compliance@camerawatch.org.uk www.camerawatch.org.uk

  2. What is CameraWatch? • A UK surveillance compliance organisation • An independent, not for profit company founded in February 2006 with the aim of raising awareness of CCTV Data Protection compliance issues and helping those connected with CCTV to improve compliance and standards • Deals with all sectors with an interest in CCTV – installers, manufacturers, users, security companies, legal, law enforcement, government, data protection departments etc • Fully supportive of CCTV when used correctly

  3. UK Data Protection Act 1998

  4. UK Data Protection Act 1998

  5. UK Data Protection Act 2001

  6. The Common Perception……

  7. CCTV and the UK Data Protection Act • “Over 90% of CCTV Systems observed in the UK by CameraWatch are currently not compliant” (CameraWatch 2006) • “8 out of 10 images presented were not fit for purpose” (UK Home Office / ACPO Report 2007)

  8. System Audit Processes…

  9. Common sense data protection.… Does the CCTV system actually do what we think it does? • Correct Purposes and Use of the CCTV System • Siting of the Cameras • Signs – Content and Placement • Quality and Authenticity of Images • Access to - and Management of - Images • Security of Data (Images) and Equipment • Training for those involved in CCTV • Procedures • Documentation

  10. Purposes of the System • Is there a need / justification for using CCTV • Decide the purposes of the system and register them • Registration Updates / Changes • Is the system being used for the correct purposes • Is the system proportionate • Regular Reviews and Justification

  11. Siting of the Cameras • Do the cameras only monitor what should be monitored • If workers are monitored are they aware • Is there a regular review of camera positions and indeed requirement • Are cameras protected from vandalism • Covert / Overt

  12. Signage • There are clear and specific legal requirements for signage • Awareness of those whose images are captured – transparency and openness • Visible and readable • Correctly worded and sited

  13. Image Quality and Accuracy • The system properly & regularly maintained • A regular check of recorded images must be carried out • The system produces quality images • Quality, Process and Storage of Images / Personal Data / Personal Information • Retention • Maintenance

  14. Access to Images • All access to the recording medium documented • Access to images and recording equipment restricted and documented • Staff with responsibility must be fully aware of legal procedures • Subject Access Requests • Disclosure

  15. Security of Data (Images) and Equipment • Is recording device totally secure • Persons must be fully trained for reviewing data (images) • Reviewing of data carried out in a secure and limited access area • Signed agreements regarding data processors • Are recorded images always secure • Is data shared with third parties • “The Cloud”

  16. Training • All appropriate staff must be trained in the legal issues of CCTV • Correct action for requests of images by the public • Staff recognise requests to prevent processing of images • Legal Requirement for Training • ICO Code of Practice • Correct SIA Licence requirement

  17. Procedures • Accountability for the system • Evidence copying • Image retention • Organisation and site-specific procedures • Regular audit of system • Procedures for all aspects of the management of the CCTV data

  18. Documentation • All aspects of the management of the CCTV system must be documented to allow a full audit trail of the lifecycle of the personal information (CCTV images) captured. • Organisation-level and site-specific documentation • Codes of Practice • Attendance Logs • Hardware Logs • Request for Information forms and information • Maintenance and good practice operating logs • Data movement forms • Third party agreements

  19. Just because the technology is there to do it, it doesn’t mean that it has to be done. Justify it and make it transparent – that way the public will support it.

  20. Ensure that your CCTV system does what it should do ……No More..….No Less…... and LEGALLY. Comply with the law. Paul Mackie Chief Executive and Compliance Director CameraWatch compliance@camerawatch.org.uk www.camerawatch.org.uk

  21. Common sense data protection.… Does the system actually do what we think it does? • Correct Purposes and Use of the CCTV System • Siting of the Cameras • Signs – Content and Placement • Quality and Authenticity of Images • Access to - and Management of Images • Security of Data (Images) and Equipment • Training for those involved in CCTV • Procedures • Documentation

  22. Common sense data protection.… ......covers the 12 Guiding Principles of the Surveillance Camera Code of Practice and more…. • Correct Purposes and Use of the CCTV System P1, P2 • Siting of the Cameras P2 • Signs – Content and Placement P3 • Quality and Authenticity of Images P6, P11, P12 • Access to - and Management of Images P4, P7, P9 • Security of Data (Images) and Equipment P9, P11 • Training for those involved in CCTV P8 • Procedures P2, P3, P5, P10 • Documentation P2, P3, P10

  23. The Differences……. • Data Protection is a UK law – not just covering England and Wales • Data Protection covers all but domestic CCTV systems – the new code covers only local authorities and police authorities – a reported 3% to 4% of the CCTV systems users in the UK

More Related