The Surveillance Camera Commissioner requires Data Protection Impact Assessment to be completed whenever a local authority, say: installs a camera system; introduces automatic processing video analytics; or relocates a camera.

Amongst other things, the SCC requires that the Data Controller must consult or conduct a form of community engagement with the data subjects who will come under surveillance.

It is a requirement that the Data Protection Officer must sign every DPIA, whether for the introduction of an entire town centre system or a simple relocatable camera. Say, if an authority wishes to install a relocatable camera to respond to fly-tipping, how can it be expected to engage with the local community, first? 

I’m finding local authority DPOs and their members of staff to be sympathetic to the need to respond quickly to events, with a scaled approach to community engagement depending upon the scale of the works involved. This allows authorities to respond quickly to the installation of a camera for fly-tipping but requiring more considered local engagement where a camera is to be installed in a shopping precinct or mixed commercial and residential area.