In ‘The Apprentice’ last week, we saw the boys’ team design a t-shirt with a chest camera. The aim was to enable the wearer to record activities ‘hands-free’ on the move. In case you didn’t catch this episode, the boys’ team did not win the task. In fact, they didn’t manage to sell any of their t-shirts. To their credit, however, they did not ignore the privacy implications of body worn video. The t-shirt came with a snazzy ‘On Air’ logo, which lit up whenever the camera was switched on; thereby addressing transparency concerns inherent with surveillance activities. I like to think that this feature was included a result of the privacy impact assessment they conducted (which the BBC decided not to air in the end).
Surveillance technologies are increasingly sophisticated. Cameras can be small and discrete, recording sharp images and clear sounds; they see what people are doing and hear what they saying. They can be used in fixed locations or on the move. It is easy to continuously make, store and retain recordings on compact media or in the cloud. However, just because it is possible to do all this, does not mean that it should all be done!
Last week, the Information Commissioner’s Office (“ICO”, the UK’s data protection regulator) published its new code of practice (the “Code”) for surveillance cameras and personal information (available at www.ico.org.uk). It replaces the ICO’s previous CCTV code of practice, updating the content to take into account developments in surveillance technologies and practices.
The new Code is intended for use by both public and private sector organisations who may use surveillance methods for activities such as protecting premises, preventing crime and investigating incidents1. It focuses on camera and video surveillance methods, including CCTV, automatic number plate recognition, body worn video and unmanned aerial systems (although may also be useful for other types of surveillance).
There is emphasis in the Code on the importance of privacy impact assessments. In other words, the data protection and privacy risks of a surveillance system should be assessed during its design and implementation. Such risks may include intrusion into private lives, a lack of transparency and misuse of personal information. These risks need to be balanced against the benefits of the proposed surveillance activities.
As a starting point, a clear purpose for the proposed surveillance should be identified; for example, to enforce parking restrictions or prevent shoplifting. The extent of the surveillance activities must be proportionate to the identified purpose. To give a few examples:
Additional measures to mitigate the privacy risks can be built into the way in which the surveillance is conducted and how the recordings are used. These may include restricting the number of personnel who have access to the system, and ensuring video footage is kept secure from misuse.
It is also important to ensure that people are aware when and why their activities are being recorded. In this respect, The Apprentice boys were half-way there. The t-shirt was very clear that it had the superb recording feature, but the benefits of the system weren’t made entirely clear…
Olivia Whitcroft, principal of OBEP, 21 October 2014
1 It is not a guide on the related hot topic of government surveillance for national security purposes
This article provides general information on the subject matter and is not intended to be relied upon as legal advice. If you would like to discuss this topic, please contact Olivia Whitcroft using the contact details set out here: Contact Details