Capturing Biometric Data
Background to GDPR
The General Data Protection Regulation (GDPR) is a piece of European-wide data protection legislation that becomes fully enforceable in May 2018, following a 2-year grace period. It was approved by the European Parliament in December 2015 and subsequently published in the EU Official Journal in May 2016. It will replace EU data protection directive 95/46/EC and country legislation such as the UKs Data Protection Act.
The act recognises that rapid technological developments and globalisation have transformed both the economy and social life. People are increasingly making personal information available publically and globally and that the free flow of personal data within the EU and globally must be facilitated whilst still ensuring a high level of protection of this data.
When is a breach not a breach?
The ICO (the UK’s Information Commissioner’s Office) has ruled that virgin trains did not breach data protection laws when it published CCTV footage of Jeremy Corbyn on board one of it’s trains as it determined that in this case it had a “legitimate interest” to do so. Where it did fall foul of the law is when it failed to pixilate the faces of three passengers who were captured in the footage but whose presence was not relevant to the case. Follow the link above to read the full article by Steve Eckersley, Head of Enforcement at ICO.
With GDPR set to replace national data protection laws in May 2018 this case serves as timely reminder that anyone operating video surveillance systems within Europe, or indeed anyone, wherever they are located, processing data on behalf of European customers, will be obliged to comply with these regulations and ensure that the way they collect, store, process and publish video and related surveillance data (e.g. facial recognition) must adhere to GDPR or else they risk a hefty fine of up to 4% of global turnover or €20 million.
In June 2017 we saw IFSEC 2017 hosted at Excel London as part of a series of shows and expos dealing with security, safety, protection and management. What was particularly interesting was the creation of a new event at IFSEC focusing on Border and Infrastructure protection, a subject that perhaps would traditionally have been covered by the large defence expos. Whilst perhaps still in its infancy this year, you can see the logic in bringing this subject into IFSEC with the surveillance technology and PSIM. Continue reading