01829 262409
Privacy Legislation

The Prevalence of Privacy Legislation   

Issues surrounding data protection, personal privacy, the rights of the individual and the use of personal data or information by companies and organisations seems to be ever present, as does the notion that the United Kingdom 'is sleep walking into a surveillance society’, but what are the implications? What are the duties imposed by an increasing amount of legislation including not least the Data Protection Act, the Human Rights Act, the Regulation of Investigatory Powers Act and more recently the Protection of Freedoms Act? Is it impossible for organisations to be fully compliant with current privacy legislation without adversely affecting the way in which they operate?

What we do

At NSG Security Consultants we offer a refreshing ‘new take’ on the implications of privacy legislation for your organisation – legislation that, at first sight, can appear to impose significant additional administrative and financial burden in order to achieve full compliance.

NSG Security Consultants approaches privacy legislation from a different angle with a more balanced and realistic approach – namely that organisations should prioritise action to identify critical non-compliance that could lead to the criminal prosecution of an organisation and / or its principal officers; including the ‘strict liability’ offence of failure to notify relevant processing to which there appears to be no effective defence.

We achieve this by carrying out a cost effective privacy legislation Compliance Gap Analysis Audit and Risk Assessment to identify the key areas where your organisation and its managers may be exposed to potential Criminal Prosecution and / or Civil Action for damages. We also identify any compliance breaches that could have a serious impact on the perceived reputation of your organisation.

Once any serious ‘gaps’ have been identified and controlled, NSG Security Consultants can then assist in the development and implementation of a privacy legislation Compliance Action Plan tailored to your organisation’s requirements including:

The eight enforceable Data Protection Principles; data must be

  1. Fairly and lawfully processed
  2. Processed for the purposes as stated and not in any way incompatible with those purposes
  3. Adequate, relevant and not excessive
  4. Accurate
  5. Not kept for longer than is necessary for the purposes
  6. Processed in accordance with individual’s rights
  7. Kept secure
  8. Not transferred to countries outside the EU without adequate protection

Independent CCTV Compliance Audits

The United Kingdom has come a long way since the first town centre CCTV surveillance system went ‘live’ in 1984 in Bournemouth. In fact today some believe that the United Kingdom leads the world in the use of CCTV technology to undertake surveillance of the public realm. The following are some of the ‘statistics regularly quoted:

When CCTV originally appeared it was unregulated and many saw the technology as a valuable deterrent to criminal activity, but as its use has become widespread so concerns over civil liberties and invasions of privacy have arisen, with many questioning its effectiveness in deterring crime. As a consequence a mass of legislation, starting with revisions to the Data Protection Act in 1998 has been introduced. Despite the legislation some independent human rights and anti-surveillance organisations claim that up to 90% of CCTV surveillance systems may be operating ‘illegally’.

Whilst the latest Information Commissioner’s report on public attitudes towards public CCTV surveillance shows that public support remains high, the report also shows that there are increasing concerns and expectations on the part of the public, particularly with regards to ensuring that public space CCTV surveillance systems are operated in the best interest of those using the public realm (including those areas under private ownership to which the public have access on payment or otherwise).

The purpose of undertaking a CCTV compliance audit is to ensure that the system is being operated in such a way as to meet the original objectives and rationale behind its installation, and that no individual or groups of individuals are being put at risk or prejudice. A key feature of the original Information Commissioner’s CCTV Code of Practice was the recommendation that systems should be audited annually to ensure that they are being properly used, and that the findings of the audit should be published to provide public reassurance.

Furthermore, and contrary to popular belief, there is no automatic right to undertake public space CCTV surveillance, it must be justified and regular auditing of system operation helps to continue to provide justification.

NSG Security Consultants compliance audit will assess your organisation’s use of CCTV against legislation, British Standards and best Practice Guidelines, including:

The resulting Compliance Audit Report is produced in a format of the client’s choosing.