Data protection legislation, including EU law, is not standing in the way of community CCTV schemes authorised by the Garda Commissioner, the Data Protection Commission has said.

The commission is currently carrying out what it said was “a very broad inquiry into surveillance of citizens by the State sector for law enforcement purposes through the use of technologies such as CCTV, body-worn cameras, automatic number plate recognition-enabled systems and drones.”

But it said it had not called for any pause on the roll-out of any proposed community-based CCTV schemes, or for the decommissioning of any existing schemes that had been authorised by the Garda Commissioner.

The commission noted “numerous articles” in recent months, particularly in regional and local newspapers, about reported difficulties the roll-out of CCTV schemes was encountering in some counties.

“A common theme running through these articles is the perception that proposed new schemes are encountering data protection difficulties and are unable to proceed. We wish to clarify the position of the Data Protection Commission with regard to the application of data protection law to community-based CCTV schemes,” the commission said on Thursday.

“First and foremost, it is not the case that data protection law is preventing the commencement and operation of community-based CCTV schemes,” it said.

“CCTV cameras capture the images of individuals and, accordingly, they process personal data. Under data protection law, the processing of personal data requires a legal basis. Community-based CCTV schemes have such a legal basis under section 38 of the Garda Síochána Act, 2005.”

The commission said “data protection legislation does not stand in the way of the roll-out of community-based CCTV schemes that have been authorised by the Garda Commissioner”.

“Once the local authority in the administrative area concerned is willing to take on and deliver on its responsibilities as a data controller for the schemes concerned, there is no legal impediment under data protection legislation to the scheme commencing.”

Inquiry

The commission said it was also “not the case” that the EU General Data Protection Regulation (GDPR) had introduced new barriers to the installation of community-based CCTV schemes. The requirement for a legal basis to process personal data had been in place in Ireland for almost 30 years.

Its inquiry is currently focusing in its first module on the 31 local authorities in the State, and in a second module on An Garda Síochána.

Among many other things, the inquiry is examining whether the schemes are being run in accordance with the principles of data protection, including issues such as public signage, how long the recordings are retained for, the security of the systems and access to them, as well as co-operation with gardaí for requests for footage.

Minister for Justice Charlie Flanagan said on Wednesday that 28 out of the State’s 31 local authorities had taken on the role of data controllers for community-based CCTV systems.

Fianna Fáil TD Thomas Byrne asked Mr Flanagan of his plans to amend legislation to facilitate community groups wishing to set up a community-led CCTV scheme in cases in which the local authority did not consent to being the data controller.

Mr Flanagan said his department was engaging on an ongoing basis with the Local Government Management Agency and the County and City Management Association “to clarify any queries arising and to assist in resolving any concerns”.

He said he expected the findings from the Data Protection Commission’s audits “to be of assistance to all concerned and in particular to local authorities”.

Community groups and local authorities can apply for a grant of up to 60 per cent of the total capital cost of a proposed CCTV system, up to a maximum of €40,000.

There have to date been 27 applications to the scheme. 20 applications have been approved, with grant aid totalling more than €500,000 approved from the total €1 million available for 2018.

A further four applications to the scheme are currently being assessed and considered, Mr Flanagan said.

#CCTV #Privacy #LocalAuthority #DPC #GDPR #Surveilliance #DataController

via the Irish Times.