The DPO of a local authority was considering the security of CCTV data on edge recording devices, recently. She was concerned about the data being retained in an insecure format and what might be done, practically, to solve or reduce the risk.

The Surveillance Camera Commissioner requires Data Protection Impact Assessment to be completed whenever a local authority, say: installs a camera system; introduces automatic processing video analytics; or relocates a camera.