Overlooked - Liberty

More documents

Recommendations

Info

<strong>Overlooked</strong>: Surveillance and personal privacy in modern Britain 37 The Regulation of Visual Surveillance There are two potential dimensions to privacy in the context of visual surveillance, incorporating its surveillance role – the actual process of watching people, and an informational role – the capacity of systems to gather and produce records on individuals that may be kept and used for other purposes 71 . The ground-rules are to be found in Article 8 of the European Convention on Human Rights, which protects the right of the individual to respect for his private and family life, home and correspondence, with regard to the activities of public authorities. This right is qualified, to the extent that it can be restricted to the degree that this is necessary and proportionate in order to protect public safety, or to prevent disorder or crime. Public authorities have a responsibility to take positive steps to prevent the violation of rights, and must have supervision and accountability systems in place when introducing public visual surveillance systems. While the privacy implications of the surveillance role have caused less concern to members of the public than might have been expected, possibly due to a number of well-publicised cases where CCTV has played a role in bringing offenders to justice, and have not been strongly argued to date, in practice there are a range of factors that responsible public bodies take into account. These include careful camera siting, and the provision of notices drawing attention to the presence of a scheme. The careful management and supervision of control rooms is also likely to be relevant to the surveillance aspect of privacy. The experience of visual surveillance may have an impact on individuals: having a chilling effect on their willingness to take part in public activities, or behave freely in, or enter spaces covered by CCTV cameras. The presence of a large number of cameras, the sense of being continuously under surveillance, increases the risk of this reaction. The technical capacity of a scheme would also raise potential privacy issues if it recorded sound, for example, or allowed camera operators to speak to passers-by through loudspeakers. There is a need for clarity over the purpose and scope of individual schemes, to avoid imposing unnecessary restrictions on behaviour, something in which everyone has a common interest 72 . Unnecessary surveillance may also have an adverse impact on freedom of movement 73 . Most significant for the future regulation of visual surveillance, is informational privacy, that is, the processing and management of data. This area of privacy is more highly developed, and it is here that UK data protection law bites. The Data Protection Act (DPA) creates a framework which requires that personal data be processed in accordance with a set of principles that protect the individual and are the foundation of standards of data management that apply to the public and commercial sectors. Images of individuals captured by cameras may amount to ‘personal data’, and the actions of searching and cross-referencing images with other information for the purpose of identification of an individual will amount to ‘personal data processing’ for the purposes of the DPA and so must comply with the data protection principles. The filming, recording, storing, 71 The Human Rights Act and CCTV, Colvin, M, Local Government Association seminar, 28 June 1999 72 A Report on the Surveillance Society, Surveillance Studies Network, ICO 2006, at 45.2.2 It is argued that, “albeit an individual value and a human right, privacy is also a common value because all persons have a common interest in a right to privacy even though they may differ on (its) specific content” 73 Opinion 4/2004 on the Processing of Personal Data by means of Video Surveillance, Article 29 Data Protection Working Party, 11750/02/EN WP89
38 <strong>Overlooked</strong>: Surveillance and personal privacy in modern Britain adapting, transferring and viewing of images were all considered to be covered when the DPA was introduced, and the Principles became the foundation of a code of practice for CCTV, devised by the ICO 74 . Most important is the requirement for fair and lawful processing; this requires that data be processed for limited purposes and not in a manner incompatible with those purposes. This principle is behind requirements for signage and a range of control room practices in public visual surveillance systems. The processor of images (whether the public body itself or a security company contractor) is responsible for ensuring that processing is carried out lawfully. Where it has grounds, the ICO can serve a notice asking a data controller for information on its practices, and in extreme cases can obtain a warrant for inspection and take enforcement action. Durant v Financial Services Authority Data protection legislation was not originally envisaged as covering camera operated visual surveillance, and before 1998 a conceptual stretch was made to demonstrate that it covered video recording. The emergence of digital methods, and changes in the law following the implementation of the European Directive 75 , have meant that visual surveillance is becoming a more natural fit within the data protection regime, although a recent decision of the Court of Appeal 76 has rather curtailed this more positive trend. The issue in this case arose over the need to show the relevance of retained data, in order to make a successful application for access to records. In order for the data protection legislation to apply, information must comply with the definition of ‘personal data’ in the DPA. The Appeal Court refused Mr Durant access to certain records in the Financial Services Authority’s (FSA’s) filing system connected with a complaint he had made against Barclay’s Bank, on the grounds that it did not qualify as personal data. In order to count as ‘personal data’, and so be covered by the DPA, it must be information that affected his privacy, whether in his personal or family life, business or professional capacity. Mr Durant had not been able to show that the information was close enough to this standard. The tests should be, whether information was biographical in a significant sense, and whether the individual was the focus of the information on file. As a result of the Durant case, whether any particular piece of information is covered by the DPA, will depend on where it falls along a continuum of circumstances in which an individual might have been involved to a greater or lesser degree. The implications of the Court’s decision for visual surveillance are particularly complex, and are still being considered. The key question must be; how far does the scenario outlined by the court limit the degree to which data protection bites on the use of visual surveillance technologies The Information Commissioner’s initial assessment was that this would depend on the use and capacity of the system. A Good Practice Note, issued in February 2004, distinguished between focusing cameras or examining recorded images looking for particular people or examining the 74 CCTV Code of Practice, Information Commissioner, 2000. 75 Directive 95/46/EC (OJ 1995 L281/31), on the protection of individuals with regard to the processing of personal data and on the free movement of such data led to the Data Protection Act 1998. 76 Durant v Financial Services Authority [2004] F.S.R 28, CA.
Page 1 and 2: Overlooked: Surveillance and person
Page 3 and 4: Acknowledgements I would like to th
Page 5 and 6: II Overlooked: Surveillance and per
Page 7 and 8: iv Overlooked: Surveillance and per
Page 9 and 10: 2 Overlooked: Surveillance and pers
Page 17 and 18: 10 Overlooked: Surveillance and per
Page 43: 36 Overlooked: Surveillance and per
Page 95 and 96:
88 Overlooked: Surveillance and per
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
100 Overlooked: Surveillance and pe
Page 109 and 110:
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
show all

Overlooked - Liberty

Create successful ePaper yourself

Delete template?

Save as template?