Overlooked - Liberty

More documents

Recommendations

Info

Overlooked: Surveillance and personal privacy in modern Britain 115 4) The current sampling scheme is proving discriminatory. There are far more Afro-Caribbean males on the database than any other demographic. A consequence of compulsory retention of DNA for all UK residents would be that it would not discriminate. However, it would represent a significant and disproportionate shift in the relationship between the state and the individual. Recommendations This final section covers recommendations that arise from this report and its findings. It must be emphasised that the policy driver behind public sector privacy intrusion will usually be legitimate. Suggesting that the state generally desires to intrude on privacy for nefarious purposes would be an extreme position to take. There can be little doubt that those in government and other public sector agencies sincerely believe that ID cards will help prevent crime, fight terrorism, deal with unlawful working and migration, with benefit and identity fraud and so on. Similarly, intrusive surveillance, CCTV, and data matching and data mining processes may all be beneficial in combating, investigating or detecting crime. These might be relatively obvious comments to make but are important to bear in mind in determining what appropriate and proportionate steps might be taken in order to safeguard individual privacy whilst still ensuring a public benefit. In the private sector, things are not so clear. A significant motivation mostly absent from the public sector is financial gain. Those who sell newspapers or personal information have no need to justify their activity through identification of some social benefit. As has been noted earlier in the findings, the distinctions between public, private and non-profit sectors are not as clear cut as might have been the case previously. Because of this, the recommendations below are intended to be relevant for privacy regulation in other sectors where appropriate. Recommendation: New Data Protection Legislation and a CCTV Act Liberty has frequently criticised the Government’s excessive reliance upon legislation to achieve policy aims. Our concern has been that legislation may be used as a form of ‘spin’ in order to persuade the public that something is being done to address an issue, even if an Act of Parliament is not necessarily the most appropriate or effective response. Because of this, it would not be appropriate for this report to make recommendations for new laws unless there was a clear and specific need to do so. There does, however, seem to be a strong case for updated data protection legislation. The first requirement of any legislation should be to establish a solid link between the use of CCTV systems and the application of the existing data protection regime. As considered earlier in the section on CCTV, the case of Durant v Financial Services Authority has created uncertainty over the general application of data protection rules, and the governance of the ICO to the use of CCTV. The new ICO draft guidance 219 does seek to redress this by stating that all CCTV systems other than the most basic domestic operation are covered 220 . However, we do not believe that new guidance undermines the compelling case for clarifying legislation. Uncertainly arose over interpretation of the common law. The new ICO guidance is helpful but remains essentially an unenforceable interpretation of the 219 See footnote 75 above. 220 The principle in Durant that footage not targeted on a specific individual is not covered by the DPA of course remains.
116 Overlooked: Surveillance and personal privacy in modern Britain common law. The benefit of legislation is that it can remove uncertainty. New legislation could also do much to ensure a robust framework and proper accountability. The data protection principles in the DPA provide general guidance over the holding of data but do not cater for specificity over such important issues as the location and marking of cameras, arrangements for access to and destruction of footage, penalties for abuse and so on. What guidance there has been covering these issues has been published by a range of agencies. However, it has been essentially voluntary, unenforceable and dependant on the good will and good intentions of system operators 221 . There have, therefore, been two central concerns over CCTV regulation. First, there has been uncertainty of the application of the DPA to smaller systems arising from the decision in Durant. Secondly, even those systems that are covered by the DPA have only unenforceable guidance providing any detail on the specific application of the DPA to CCTV. A new DPA could formalise the principle that only the most basic domestic systems are not covered by the DPA. Perhaps more importantly it would allow effective and enforceable regulation. The Guidance provided by the ICO already provides the type of template that could easily be adopted. The purpose of guidance is to ensure that the practice complies with the relevant data protection principles. However, it also effectively fleshes out the appropriate practice in a manner that would be relatively easy to apply in statute either directly onto the face of a Bill or through accompanying regulation. A good example of this is contained in the ICO’s current code of practice when dealing with notification of CCTV system operation. The guidance states: “Signs should be placed so the public are aware they are entering a zone which is covered by surveillance equipments. The signs should be clearly visible and legible to members of the public The size of signs will vary according to circumstances: For example – a sign on the entrance door to a building society office may only need to be A4 size because it is at eye level of those entering the premises. For example – signs at the entrances of car parks alerting drivers to the fact that the car park is covered by such equipment will usually need to be large, for example, probably A3 size as they are likely to be viewed from further away, for example by a driver sitting in a car. The signs should contain the following information: a) Identity of the person or organisation responsible for the scheme. b) The purposes of the scheme. c) Details of whom to contact regarding the scheme. In exceptional and limited cases, if it is assessed that the use of signs would not be appropriate, the user of the scheme must ensure that they have: a) Identified specific criminal activity. b) Identified the need to use surveillance to obtain evidence of that criminal activity. c) Assessed whether the use of signs would prejudice success in obtaining such evidence. 221 See for example the guidance issued by the Information Commissioner’s Office in 2000 for operators of CCTV systems http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist _guides/cctv_code_of_practice.pdf and “A Watching Brief – A Code of Practice for CCTV” aimed at public sector users of systems published by the Local Government Information Unit in 1996.
Page 1 and 2:
Overlooked: Surveillance and person
Page 3 and 4:
Acknowledgements I would like to th
Page 5 and 6:
II Overlooked: Surveillance and per
Page 7 and 8:
iv Overlooked: Surveillance and per
Page 9 and 10:
2 Overlooked: Surveillance and pers
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
10 Overlooked: Surveillance and per
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Page 71 and 72: 64 Overlooked: Surveillance and per
Page 107 and 108: 100 Overlooked: Surveillance and pe
Page 121: 114 Overlooked: Surveillance and pe
show all

Overlooked - Liberty

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?