Surveillance Camera use

ARU uses CCTV systems at our Campuses, Offices and Sites of business either directly managed by us or operated under contract on our behalf by suppliers. We are the Data Controller, and we use these systems for the following purposes:

• For the prevention and detection of crime
• For maintaining the health and safety of users of our premises and land
• For the investigation of breaches of University policies and regulations

This guidance explains how we manage the use of these systems in compliance with the law, and follows the guidance of the Information Commissioner’s Office.

For all enquiries about the use of CCTV on our campuses, please telephone The Head of Security on 0845 196 3717

The University does not undertake covert surveillance, however if there were necessary circumstances to do so in future, this would be undertaken in compliance with the relevant laws and regulations.

Only designated staff have routine access to the CCTV systems and they do so in accordance with our Operation Manual. The day to day management of the systems will be the responsibility of the relevant Campus Security Manager.

The images from our cameras are recorded and monitored 24 hours a day 365 days a year with the majority being recorded digitally. All recorded material is the property of Anglia Ruskin University, which retains copyright. Images are overwritten within 31 days.

Legal Basis and Purpose

• We have an identified legitimate basis for the processing of images, namely under the University’s public task in having a duty of care for students, staff, partner and supplier staff and other visitors to be safe on our premises, to protect our assets and reputation from criminal activity and to monitor the observance of our policies and procedures by those who have agreed to be bound by them.
• We have established that the use of CCTV is necessary for our legitimate purposes. The necessity of carrying on using existing cameras, adding new cameras to existing systems, creating or taking-over a system for a new site, decommissioning a camera or a building system, or upgrading systems will be established through planned periodic or reactive impact assessments. This activity will appropriately balance the necessity of CCTV processing against the rights of Data Subjects and will be approved by the Head of Security.
• Our processing procedures are fair to the data subjects as established through the impact assessment process.
• Recorded material will not be sold or used for commercial or entertainment purposes.

Signage

• Appropriate signage is in place providing the relevant information to individuals prior to entering a recording area. The signs are clearly visible and legible and identify the purposes for which images are recorded, by whom the scheme is controlled and to whom any requests for information should be made, or they provide clear and easy means of being directed to this information.

Using and Disclosing Images/Recordings

• All request by Data Subjects exercising their privacy rights to receive copies or to have our processing of their data confirmed will be dealt with under the University’s privacy rights procedures.
• Operators will be trained to recognise privacy rights requests, notify the Information Compliance Team when a request is received and will process such requests in accordance with the Data Protection Act (2018). Disclosures may involve the use of redaction/ pixilation software to remove the personal data of third parties and for this type of editing a third party or company will be hired to carry it out under appropriate confidentiality restrictions.
• Disclosure of images to persons or organisations external to ARU are restricted to either a Data Subject, a third party that the Data Subject has authorised, or a law enforcement body citing a lawful mechanism permitting a disclosure. Such bodies include: The Police, Customs and Excise, the Health and Safety Executive or other statutory agencies. The University reserves the right to provide recorded material to its own agents under contractual confidentiality provisions.
• Access to and use of images for internal purposes must be authorised by the Head of Security with appropriate advice or further authorisation from the Data Protection Officer and/ or the Secretary & Clerk.
• All access to recorded data is documented and all disclosures record relevant details including lawful justification. Viewing of recorded images will only take place in a restricted area and there will be no general access to that area while viewing is in progress.

Accuracy of Personal Data

• In order to ensure accuracy of the personal data captured, images are of a quality that makes them adequate for the purposes, managed by the use of high-quality digital recording facilities.
• Time and location references are checked through a documented procedure to further establish accuracy.
• Evidential images in the form of stills or downloaded digital images are not subjected to enhancement or compression techniques.

Retention of data

• Data is retained for no more than 31 days, potentially earlier depending on the number of images captured by motion-activated recording.
• If a copy is made (still or video) for approved purposes and retained as evidence by ARU this will be in accordance with our retention policy for the relevant activity (e.g. Fraud Investigations, Disciplinary cases).
• All routine digitally recorded images will be kept for a minimum of 14 and a maximum of 31 days and then erased before re-use.
• In order to manage retention we document responsibility for monitoring retention, average retention time, any system adjustments to limit retention.

Respecting rights

• Appropriate care is taken in the management and control of image processing, retention and destruction.
• No CCTV data held by ARU will be transferred outside the United Kingdom. If we have lawfully disclosed data to an external body, they become the Data Controller of the data and ARU is no longer responsible for their processing of it.
• CCTV will not be used to monitor the progress of individuals in the ordinary course of lawful business in the areas under surveillance. Individuals will only be monitored if there is reasonable cause to suspect that an offence has been or may be committed or a risk to safety is identified.
• Every step will be taken to ensure that surveillance is restricted to University premises. Operators only use CCTV cameras to view ARU premises and land and not to look into the interior of any external premises. The only exception to this rule is if an operator, whilst operating the cameras, nevertheless observes something which he/she believes to indicate that a crime is being, or is about to be committed in a non-public area.
• Staff may be required to provide the Police or other statutory agencies with written statements from time to time, which may be required for evidential purposes. Any such event will be fully logged and operators will be required to justify their actions. Any breach of this condition may result in disciplinary proceedings against the Operator.
• Operators will support the Police or other statutory enforcement agencies if they request CCTV assistance in order to:
  • Assist with the deployment of resources.
  • Monitor potential public disorder or other major security situations
  • Assist in the detection of crime.
  • Facilitate the apprehension and prosecution of offenders in relation to crime and public order.

Breaches by operators

• Breaches of ARU’s procedures by Operators of the systems will be investigated by the relevant Campus Security Manager. Findings will be reported to the Head of Security who will agree appropriate action following consultation with the University Secretary & Clerk. Where breaches involve personal data, the Data Protection Officer will be notified and the University’s Data Breach management process will be engaged.

Training and qualifications

• Operators are trained to a proficient level before they are allowed to take control of any system. Refresher training is provided on a regular basis to ensure that standards are maintained. Training includes:
• Use of equipment
• Observation techniques
• University procedures and record keeping
• Report procedures and action on incidents
• Evidence handling
• Actions in the event of an emergency
• All staff training will be supervised by a suitably qualified Operator
• No Security Officer or Control Room Operator employed by a Contract Staff Provider (and for the time being stationed on University premises) will control any CCTV system in any manner unless they are licensed to do so by the Security Industry Authority and have been appropriately trained in ARU’s procedures.

Maintenance of cameras

• Contractors maintain our systems. In order to do so they need access. Whilst working on the systems Contractors will be constantly supervised by appropriate ARU staff.
• Their activity will be recorded on a maintenance log to include the following details:
• Planned preventative maintenance (PPM) arrangements
• Person(s) responsible for managing the PPM and arranging reactive maintenance and repair.
• Person(s) responsible for monitoring the quality of maintenance and repair.

Handling of recordings

• Our procedures support use of recorded images being used as evidence in criminal proceedings through being of good quality and accurate.
• Recordings for evidential purposes will be managed in accordance with the Police and Criminal Evidence Act 1984 (PACE) and any other regulation relevant to a specific case.
• Where the system records features such as the location of the cameras and/or a time and date reference, our procedures ensure the accuracy of this.
• ARU will not publicly use CCTV images or recordings. Where we have disclosed data to another Data Controller (e.g. the Police) they may make public use but will be legally liable for such use.

Review

• The Head of Security will undertake regular reviews of these procedures. An internal annual assessment will evaluate the effectiveness of the system.
• A report on the review and assessment process is provided to the Secretary & Clerk.

Body worn video devices (BWV), worn as part of a uniform are in use at University in particular circumstances by authorised Operators. These devices can record both visual and audio information.

BWV systems can be more intrusive than the more ‘normal’ CCTV style surveillance systems because of their mobility. We have therefore considered this when assessing the potential impact of use on Data Subjects; deciding whether or not video and audio use is proportionate, necessary and address a pressing need.

Purpose

• The University limits the use of BWV to attending reactive incidents where violence/ aggression is a reported element, or planned investigatory activities where encountering violence/ aggression is a strongly suspected risk. This is similar to our purposes for use of CCTV (preventing/ detecting crime, health & safety), however activating BWV recordings for these purposes is in response to clear hazards or the strong likelihood that the hazard will occur.
• BWV devices have the ability for both video and audio recording to be switched on or off and we are clear to our Operators about the circumstances in which they should be turned on and what they need to do to advise Data Subjects ahead of them being activated. Authorisation is required from the relevant Campus Security Manager to undertake continuous recording without giving the Data Subject the opportunity of being informed prior to recording commencing.

Recording

• All recording is logged in a register explaining why recording was undertaken, whether the Data Subjects were informed prior to recording, whether video and audio recording were made and whether any objections were made by the Data Subjects.
• Continuous recording requires strong justification as it is likely to be excessive and cause a great deal of collateral intrusion. This is because continuous recording is likely to capture people going about their daily business, as well as the Data Subject who is the focus of the recording’s attention. Further justification will be required if recording takes place in more sensitive areas, such as private dwellings etc.

Informing data subjects

• Our Operators using BWV systems are required to provide sufficient fair processing to data subjects. As BWV cameras can be quite small or discreet, and they could be recording in fast moving or chaotic situations, individuals may not otherwise be aware that they are being recorded. It is therefore important that clear signage is displayed, for example on an individual’s uniform, to show that recording is taking place and whether the recording includes audio.
• Operators are required to verbally announce that recording (video/ audio/ both) is about to commence prior to activating it, or to make a Data Subject similarly aware if authorized continuous record is taking place, or that Data Subject enters a situation in which recording was already underway with another Data Subject who had received notification.
• Data Subjects are directed to this guidance if they request more information from the Operator.

Security of recordings

• Because of the volume of personal data and potentially sensitive personal data that BWV cameras will process and the portability of them, we have appropriately robust technical and physical security in place to protect this information. Cameras and/ or the removable storage to which they write data are encrypted in order to restrict access to the data if falling into the hands of unauthorised persons.
• The information is stored so that recordings relating to a specific individual or event can be easily identified, located and retrieved via the register. Data remains under our sole control, in a manner which retains the quality of the original recording and is adequate for the purpose for which it was originally collected.
• Where the particular recording device has a playback feature, this will either be disabled or have a PIN access in place to prevent playback by unauthorized persons.

Retention

• We make appropriate decisions about retention and disposal. Any recording may be retained for the same length of time as our CCTV footage (deleted/ overwritten within 31 days).
• However, as the data captured by BWV is more targeted than CCTV and carries a greater implication of wrong-doing by Data Subjects, the Campus Security Manager has authority to delete the recording immediately if they are of the opinion that the recording was excessive and does not support the purposes for which it was designed. Early deletion and its justification is recorded in the Register.

Disclosure

• All request by Data Subjects exercising their privacy rights to receive copies or to have our processing of their data confirmed will be dealt with under the University’s privacy rights procedures.
• Operators will be trained to recognise privacy rights requests, notify the Information Compliance Team when a request is received and will process such requests in accordance with the Data Protection Act (2018). Disclosures may involve the use of redaction/ pixilation software to remove the personal data of third parties and for this type of editing a third party or company will be hired to carry it out under appropriate confidentiality restrictions.
• Disclosure of images to persons or organisations external to ARU are restricted to either a Data Subject, a third party that the Data Subject has authorised, or a law enforcement body citing a lawful mechanism permitting a disclosure. Such bodies include: The Police, Customs and Excise, the Health and Safety Executive or other statutory agencies. The University reserves the right to provide recorded material to its own agents under contractual confidentiality provisions.
• Access to and use of images for internal purposes must be authorised by the Head of Security with appropriate advice or further authorisation from the Data Protection Officer and/ or the Secretary & Clerk.
• All access to recorded data is documented and all disclosures record relevant details including lawful justification. Viewing of recorded images will only take place in a restricted area and there will be no general access to that area while viewing is in progress.

Review

The Head of Security will undertake regular reviews of these procedures. An internal annual assessment will evaluate the effectiveness of the system. A report on the review and assessment process is provided to the Secretary & Clerk.

Unmanned Aerial Systems (UAS), Remotely Piloted Aircraft Systems (RPAS) are terms also used for the now-common term ‘Drones’. These are vehicles which, if fitted with a camera, are capable of recording images whilst airborne. As such they have the means of capturing personal data and their use must comply with the Data Protection Act.

Whilst privacy law has exemptions relating to reasonable domestic use, and use for ARU’s purposes by staff or students is captured by the law.

The University is aware that the use of Drones has a high potential for collateral intrusion by recording images of individuals unnecessarily and therefore can be highly privacy intrusive, ie the likelihood of recording individuals inadvertently is high, because of the height they can operate at and the unique vantage point they afford. Individuals may not always be directly identifiable from the footage captured by Drones, but can still be identified through the context they are captured in or by using the devices’ ability to zoom in on a specific person. As such, we are required to have strong justification for their use and the means to limit the volume of personal data we record which is not necessary for our reasonable purposes.

Purposes

We will only use Drones where the recording system can be switched on and off when appropriate. This is particularly important given the potential for the cameras to capture large numbers of individuals from a significant height. Where there is an identified need for recording to be continuous, this must be approved by the Data Protection Officer.

There may be many purposes for which Drones could be used, including research, building maintenance and other purposes associated with our Learning Services.

Security

Rules governing the use of Drones cover the whole system, rather than just the device in the air, therefore we ensure that the whole system is compliant; including data storage and access to recordings etc. Any data which we collect is stored securely, for example by using encryption or another appropriate method of restricting access to the information. Using an encrypted wireless communication link wherever possible provides an element of protection against potential hijacking of the device.

Where images or other personal data are stored on the vehicle (e.g. an on-board memory card) then the data will be appropriately protected in the event of loss or theft (e.g. following a crash). The data will be appropriately protected using encryption.

Drones will be controlled to remain within line of sight, retaining a log of usage, copying data to a secure location and securely destroying data on the device as soon as practical.

Retention

We ensure that data is retained for the minimum time necessary for its purpose and disposed of appropriately when no longer required. However if we have used Drones recording for purposes which do not involve recording of people (e.g. building maintenance inspections at height) then there is no requirement to have strict retention rules in place. Different retention periods apply to different uses. Please see our Retention guidance for further details.

Notifying

We are aware that in some circumstances individuals are unlikely to realise that they are being recorded, or may not know that Drones have a camera attached. Making Data Subjects aware that recording may be undertaken is therefore challenging. Typically we will attempt to manage any Drone recording in public by promoting the visibility of Operators and where possible, providing signage. Operators will be able to explain what processing of personal data is being undertaken and direct requestors to this guidance.