Rocked by claims of bullying, sexual harassment, and homophobia, it has now been revealed that Thanet Council is also a prolific Peeping Tom, routinely spying on the bedrooms and gardens of unsuspecting residents.
According to a report which will be discussed by councillors on 27th July, an unspecified number of TDCs 170 CCTV cameras at unreported locations do not follow “privacy zone” rules
meaning that cameras in certain locations are capable of capturing images of sensitive private areas such as upstairs rooms and gardens in private dwellings.
To make matters worse none of the councils CCTV operators have been trained or hold the legally required accreditations. None have had Data and Barring Service (DBS) checks, nor have any completed confidentiality agreements.
Astonishingly “the Council has not undertaken a Data Protection Impact Assessment" of its cameras and “checks are not undertaken to ensure that the CCTV system is not subject to misuse”
It is clear that TDC has broken every law and safeguarding rule in the CCTV book. By doing so the public have been palced at risk of having their private, and possibly intimate, moments in their gardens and bedrooms viewed, recorded, and possibly even circulated, by an unchecked, untrained, unaccredited, and unmonitored rouge camera operator.
The Council operates 170 CCTV cameras across Thanet which are managed and operated from a control room based in TDCs Cecil Square offices in Margate. All material recorded by the system is owned by the Council and is subject to stringent statutory regulation under the General Data Protection Regulations, the Human Rights Act and the Regulation of Investigatory Powers Act.
I set out below a full list of the breaches of CCTV laws and regulations identified by the internal auditors.
The committee report makes no mention of whether or not the this serious law breaking has been reported to the CCTV regulator, the Information Commissioner. I will however save our Peeping Tom Council the trouble as I will be reporting it.
Despite being reviewed and updated in June 2021, the Council's published Code of Practice for CCTV is not up to date and not fully reflective of current working practices. This means that incorrect information is being given to members of the
public regarding the way in which the CCTV system is operated.
The Privacy Statement for CCTV and Body Worn cameras is incorrect as it lists an incorrect retention period for normal CCTV data and does not reflect that some data is held for extended periods. Also, it has not been subject to regular review resulting in it not being reflective of who data may be shared with. This means that the Council is failing to comply with its statutory obligations under the GeneralData Protection Regulations.
The Council has not undertaken a Data Protection Impact Assessment for the use of the CCTV system meaning that the Council is not operating the system in accordance with Section 64 DPA 2018 and article 35 of the GDPR regulations.
Inadequate signage is in place to inform members of the public that they areentering an area covered by CCTV cameras meaning that the Council is notoperating the CCTV in adherence with DPA 2018.
The Council has not undertaken an annual review of its CCTV signage in accordance with its published CCTV Code of Practice.
Privacy zones are not applied to all CCTV cameras meaning that cameras in certain locations are capable of capturing images of sensitive private areas such
as upstairs rooms and gardens in private dwellings.
No details are available to evidence when the Council last undertook a review ofits CCTV system to ensure that it remains justified.
CCTV Operators are neither trained nor hold the accreditations expected of them in the CCTV Code of Practice.
None of the CCTV Operators have completed a confidentiality agreement.
At present, none of the CCTV Operators have an Enhanced Disclosure and Barring check in place, despite it being listed as a requirement in the CCTV Codeof Practice.
Checks are not undertaken to ensure that the CCTV system is not subject tomisuse