Councils and blue light services in the UK and the Republic of Ireland are finding that live CCTV access, as well as subject access requests (SARs,) require stringent redaction to comply with GDPR. The following story was reported on Wednesday, September 11, 2019.
KILDARE Co Council is to drop all live feeds from its CCTV cameras for fear of breaching general data protection regulation. This follows legal advice received by the council.
“There are about 100 cameras in the traffic management system, and we expect to lose the live feed within two weeks,” Superintendent Oliver Henry from Naas Garda Station confirmed.
“It’s a hugely frustrating issue for us. Kildare Co Council could be fined up to €1m for each breach. The Data Protection Commissioner has been very firm on this,” he added.
This will mean that gardaí will no longer be able to view live feed on the CCTVs if they believe a crime is in progress or about to be committed.
“I’m aware of one other local authority that has switched off its live feed, and that’s very unsatisfactory,” said Kildare chief executive Peter Carey.
All this came to light at the first meeting of the new Joint Policing Committee (JPC), held in the County Chamber on Monday last during a presentation update from the Director of Corporate Services Sonya Kavanagh to the new members.
She confirmed that although a three-year funding programme for local CCTV from the Department of Justice was to expire at the end of the year, this was a moot point, as legal advice meant that Kildare Co Council will have to drop all its live feeds for fear of breaching general data protection regulation (GDPR).
This was supported by Supt Henry who confirmed that gardaí in Kildare “are still not authorised for getting live [CCTV] feeds” from council-installed cameras on the advice of the Data Protection and Garda Commissioners.
“The new legislation could be a few years away,” he warned.
However, Ms Kavanagh did settle some nerves on the issue when she confirmed that this latest legal advice only applies to live feeds and that “there would be no problem with the gardaí seeking footage retrospectively” – that is, they could still review recorded footage on application.
As recently as last November – though based on 2005 legislation – the Data Protection Commissioner (DPC) was of the opinion that this should not be the case.
However, the recent ruling on the State illegally using citizens’ personal details from the Public Services Card has now opened up this can of worms for the proverbial coach and horses, and once again new legislation will have to be written to keep abreast of technology. Again.
“I can’t understand why the Data Protection Commissioner needs to give permission,” said Cllr Bernard Caldwell.
“I recognise the right to privacy, but we also have a duty to protect those we can. Victims can’t apply to the DPC because it’s too late,” said Cllr Caldwell.
A lot of the elected officials had made representations on behalf of their localities on the onerousness of the department’s application process for community CCTV, and its adherence to GCPR guidelines.
“These are the Department of Justice rules, and a community has to show it’s able to abide by them and run the system for a minimum of five years,” explained Ms Kavanagh.
Identity Cloak masks faces, number plates and identifying characteristics. Free trial available.