This site uses cookies and by using the site you are consenting to this. Find out why we use cookies and how to manage your settings HERE

Home CCTV: Data Protection & User Guidance

Mar 31, 2021
Home CCTV: Data Protection & User Guidance

Increasing sophistication and availability of video surveillance technology encourages more and more homeowners to choose domestic CCTV system as an effective home security tool.

Surveillance systems have many uses in the prevention and detection of crime. They provide higher health and safety standards. Moreover, CCTV can act as a deterrent to criminals. It means that burglars are much less likely to choose your home if they see surveillance cameras in place.  

However, widespread usage of video surveillance systems gave rise to concerns of unreasonable intrusion into the privacy together with data protection rights of individuals.

There is considerable growth in the number of complaints relating to surveillance cameras outside people’s houses, usually at neighbouring properties.


Domestic CCTV: What is the status?

Systems operating in a way that they capture images of people within the perimeter of their property are not subject to data protection law. This perimeter also includes the garden or driveway.

However, you cannot take advantage of the household exemption if you are a house owner who has installed a surveillance system that captures images (and sounds) of your neighbours and other people outside of the perimeter of your property.

Such cameras can take footage of their gardens, neighbouring homes, public footpaths or streets. In such a case, you must fully comply with data protection law obligations. The Court of Justice of the European Union found that the household exemption does not apply where a home CCTV captured images in the street outside the property.


What is compliance with data protection law?

Compliance with data protection law includes several things: 

  • Demonstrating that you have a legal basis for operating the CCTV system. Moreover, a data controller should be able to provide you with an explanation of the lawful basis for processing your personal data upon request.
  • Demonstrating that you are transparent about how the system operates. It involves installing the appropriate signage and proof that you keep any personal data safe and for a limited period only. 
  • Demonstrating compliance with any access requests, including requests for erasure from any affected individuals. Please, note that individuals should be able to get contacts details from the ones you include on the signage.

Everybody has a right to be provided with information about the processing of their personal data, including the image utilizing a home CCTV.

Usually, the processing of personal data requires a legal basis. For example, the consent of an individual, although it is rarely appropriate for the use of the surveillance system.

In most cases, CCTV footage may be required due to the homeowner’s wish to improve overall home security and protect the health and safety of the family members.


What if you fail to comply with data protection law?

If you fail to comply with this law, the Data Protection Commissioner or any affected member of the public, such as a neighbour or a passer-by, can take an action against you in the courts or expose you to a claim for damages.

Usually, homeowners are subjected to fines or directions to stop operating their surveillance systems if they cannot record only the images within the perimeter of their house. 


When choosing and installing a modern domestic CCTV system, remember to take into consideration that you must comply with data protection law, even though the Data Protection Act is exempt from surveillance cameras operating on your property.

Nonetheless, if your security cameras record footage of some public areas or neighbouring property, you will have to prove that these measures are necessary to guarantee home security.

There should be clear signs informing people of recording and its purposes. These signs should also feature the contact details of the data controller. 

Read Next...