The Information Commissioner’s Office has recently taken legal action under the Data Protection Act 1998 against a company which operates CCTV systems. In summary, the company failed to register with the ICO, processed personal data without complying with notification requirements and failed to comply with a notice from the ICO requiring action to be taken.
As a result of the breaches the company was fined in excess of £5,000 (including legal costs and victim surcharges). Full details can be found on the ICO website here.
Steve Eckersley, Head of Enforcement at the ICO, has made it clear that the ICO intends to take “robust action” against those who “flout” data protection laws. This judgment of course has renewed importance following the introduction of the General Data Protection Regulation (GDPR) which has the potential for larger fines and highlights the importance of remaining compliant.
If you have any questions surrounding the use of personal data, CCTV systems or the GDPR in general then please do not hesitate to give Matt Worsnop a call on 0116 281 6235 or email Matt.Worsnop@bhwsolicitors.com.