Every once in a while, some stats will appear that capture everyone’s imagination and prove to be a sub editor’s dream for headlines. The Big Brother Watch FOI report release this week has brought with it a wealth of headline opportunities, many of them toilet related and all quite breathless in their indignation. But the placing of cameras in private places is just the beginning of the story.
Whilst as security professionals we can totally understand the general public’s shock at the level of CCTV use in secondary schools and academies, we were as disquieted as everyone else about the use of CCTV in areas such as toilets, showers and changing areas. Not everyone realises the complexity of securing a school, college or university. There may be several buildings with varying traffic and visitors. Effective security looks at all threats and risks and treats them appropriately. So it’s not very surprising that the hue and cry has erupted over the acceptability of placing CCTV cameras in such intrusive areas. When performing one day School Security Health Checks we suggest that a Privacy Impact Assessment be carried out, for what will be now be obvious reasons.
For us though it shows the beginning of the problem and isn’t an isolated issue. We deal with schools, colleges and universities frequently. One of the main things they like help with is CCTV and the Data Protection Act. A head teacher is a head teacher not a security expert but the responsibilities that come with managing the images that come from CCTV are quite expansive and are not limited to where the cameras are placed.
We find that for instance, external cameras may inadvertently be recording images that they should not be. So if the camera’s field of vision includes perhaps an area of a neighbouring garden or there is a view of someone’s home, then the use of that camera is contravening the Data Protection Act and the user could be fined. Its irrelevant that this was not the intention of the user, it simply can’t be done.
Also, there may be issues around storing and deleting the images. Schools need to be fully conversant with how to secure the images they have captured. Security isn’t just about the camera, the images have to be handled carefully – as happens with pupil and staff personal data and protected from either malicious or accidental breach. Deleting images when they should no longer be stored is also covered by the Data Protection Act and once again a user could find themselves in hot water if images are not being securely deleted after the allotted period has expired.
Who views the images created by CCTV systems? Again this falls into the policy and procedure area when we perform health checks. Only appropriate and necessary staff should have access to CCTV images as would apply with any sensitive data for pupils or staff. If we are to use the wonderful security opportunity that CCTV affords us, we must do it securely and appropriately is the message that most comes out of the Big Brother Watch report. You can access the full report on a pdf here.
We plan to publish a White Paper on this topic and if you follow this blog you will receive a notification of when it has been released and where you can obtain a copy. Alternatively you can email us and ask for one. firstname.lastname@example.org or keep an eye on the website www.advent-im.co.uk
We have visualised some of the key elements we thought you may find interesting. These relate to both the number and ratio of CCTV cameras as well as those found in private areas in school. Whilst we don’t mind you using them if you wish, can you just drop us a note to let us know and make sure you credit both ourselves and Big Brother Watch.