MPs call on Government to regulate non-surgical cosmetic treatments
EMILY CARTER AND SARAH HARRIS PROVIDE PRACTICAL GUIDANCE AS TO THE LEGAL OBLIGATIONS OF LICENSEES WITH RESPECT TO THE INSTALLATION AND MAINTENANCE OF CCTV ON THEIR PREMISES.
In January of this year, Lincolnshire Police applied under the provisions of Section 51 of the Licensing Act 2003 for a review of the premises licence held in respect of Kai’s Bar in Mablethorpe by the District Council’s Licensing Act 2003 Sub-Committee. The review had been sought after Mr. Kheng refused to supply CCTV footage following an incident which had occurred at a private residence unconnected to the licensed premises, resulting in the Police being forced to obtain a court order to acquire the material in question. Mr. Kheng argued that the request for the footage had been too broad and that the reasons for requesting the data had not been given in full, such that Section 7 Part 9 of the Data Protection Act 1998 was engaged.
The Police requested that a number of additional conditions be added to the
licence, including a stipulation as to what type of CCTV must be provided and
that the minimum period of time that recordings must be kept be increased to
The Committee dismissed all the conditions put forward by Lincolnshire
Police. They chose instead to amend the relevant condition from ‘provision of CCTV and recordings made available to police upon request’ to ‘a tamper resistant CCTV system shall be installed, maintained in working order and operated at the premises. Subject to a suitable request and agreement of the
Data Controller images shall be released to Lincolnshire police so long as the Data Controller is happy to do so in accordance with the Data Protection Act 1998’. This case highlights an ongoing dilemma facing licensees that was first raised back in 2009 when a number of Police forces across the country applied for ‘blanket’ conditions imposing obligations to install CCTV leading to the Information Commissioner’s Office issuing specific guidance with respect to the issue.1
The increasing obligations that accompany CCTV conditions should make
licensees more alert to the need to ensure that they are only attached in appropriate circumstances. It is of note that the Committee in this case appeared to be very much alive to the data protection obligations on licensees.
Given the potential costs implications of court proceedings to compel data
controllers to comply with a request, it is crucial that licensees are fully apprised of what their obligations are, including when to agree to disclose the information and when to refuse.
Considerations when considering imposition of CCTV conditions
As Neil Williams of the British Beer and Pubs Association states; ‘While CCTV
can play a useful role in some situations, blanket or standard CCTV conditions cannot be imposed under the Licensing Act, except where there are valid objections to a licence on the grounds of one of the objectives. Pubs with no history of disorder should not be forced to install CCTV cameras.’
The guidance issued by the Secretary of State under Section 182 of the Licensing Act 2003 provides the following important qualifications in relation to conditions:
Complying with the Data Protection Act 1996
The Information Commissioner has powers to issue undertakings, serve enforcement notices, undertake compulsory audits and issue monetary penalty notices of up to £500,000 for serious breach of data protection principles. Accordingly, for licensees who have installed CCTV, it is essential to understand and comply with the Data Protection Act 1998 (DPA) – and ensure that you fully document your compliance. The DPA relates to personal information (CCTV images) relating to “data subjects” (your customers) held and processed by “data controllers” (the licensee). As a data controller, you are responsible for ensuring that all CCTV images are used, stored and disclosed in accordance with the data protection principles. In particular, you must ensure that you only process CCTV in accordance with the
purpose for which it was installed and you must bear in mind the rights of
your customers. The data protection principles are sometimes difficult to apply as there are no “one size fits all” rules. However, the Information Commissioner’s CCTV Code of Practice provides clear guidance:
Most importantly, if you are asked to provide CCTV images by the police, the
obligation is upon you to ensure you have sufficient information from the police in order to assess whether handing over the images is justified by the nature of the request. The Information Commissioner has made it plain that any licensing condition which requires a licensee to hand over images to the police “on request” conflicts with the provisions of the DPA. Where the police have established that it is necessary for investigating or preventing a crime or apprehending or prosecuting an offender, this will usually be sufficient
reason to disclose the images.
Changes to data protection in the pipeline
The Protection of Freedom Bill, which has reached the final stages in Parliament, includes preparation of a new code of practice on the use of CCTV and appointment of a Surveillance Camera Commissioner. Breaching the code itself will not lead to civil or criminal proceedings but it will provide guidance as to best practice.
Meanwhile, earlier this year, the European Commission published a new proposed data protection directive to replace the existing European scheme underpinning our Data Protection Act. Although it is still early in the process of consultation and debate leading to the finalisation of the new European law, once implemented within the UK, the proposed changes are likely to have a significant impact upon businesses of all sizes in the UK. In particular, it is anticipated that organisations will need to notify the Information Commissioner’s Office of data security breaches – and the penalties for breaching the data protection requirements will be increased to up to 1-2% of a company’s turnover.
Accordingly, licensees must be more wary than ever of their data protection
Skip to content Home About Us Insights Services Contact Accessibility