Waterford council reprimanded for using CCTV to monitor illegal dumping
Waterford City and County Council had been using CCTV to monitor illegal littering and dumping.
Waterford City and County Council has been officially reprimanded for its use of CCTV to monitor public activity by the Data Protection Commissioner.
The admonishment by the commissioner, which was handed down in October of last year and was carried out using its corrective powers under the General Data Protection Regulation (GDPR), concerns the local authority’s use of such surveillance technology to monitor illegal littering and dumping, and for the prevention of crime.
Waterford is one of seven local authorities that have been the subject of own-volition inspections by the commissioner regarding the use of CCTV – the others being Kildare, Limerick, Galway, Sligo, Kerry, and South Dublin.
Those authorities between them have more than 1,000 closed circuit cameras in operation for surveillance purposes.
In its Waterford investigation, the commission found the Litter Pollution Act 1997 and the Waste Management Act 1996 did not provide a lawful basis for the city and county council’s use of cover cameras with a view to detect and deter illegal littering and dumping.
The commission said it had “comprehensively considered” those acts to that end but found “they do not regulate this processing of personal data” as required by the EU’s law enforcement directive, a parallel piece of legislation which came into force in May 2018 at the same time as the GDPR.
It found further that the two littering acts in question do not meet the standards set out in European justice and human rights case law.
With regard to the use of CCTV for crime prevention and investigation, the commission found such usage was unlawful without an authorisation from the Garda Commissioner, according to the Garda Síochána Act 2005.
The commission said its decision is that both Waterford City and County Council and An Garda Síochána are joint data controllers for certain CCTV cameras which had been authorised under the 2005 Garda Síochána Act. However, those particular devices still infringed Irish data protection law due to there being no written agreement as such with the gardaí.
Other infringements had also been committed, the DPC said, with regard to Waterford Council’s policy in terms of the use of drone technology for monitoring compliance with regard to waste and illegal dumping sites.
Waterford City and County Council had not replied to a request for comment on the DPC’s findings at the time of publication.
Meanwhile, the DPC exercised its corrective powers concerning the breaches in three ways: by temporarily banning the processing of personal data, whose purpose was listed as being for enforcing the law, from some CCTV cameras and dash cams; by ordering the local authority to bring its data processing into compliance with the 2018 Data Protection Act; and by officially reprimanding the council for its conduct.
There was no financial penalty.
While Waterford’s response to the admonishment is not yet known, at least one other council has appealed a similar decision via the courts.
Last June, Kerry County Council appealed a similar ruling by the commission to the Circuit Court.
The investigation of local authorities and their approach to the use of modern surveillance technologies began immediately after the GDPR, the EU’s marquee privacy regulation, went live in 2018.
Some councils have already fallen foul of the data regulator for their approach to such technology.
Last September, the DPC ruled that Wexford County Council had failed to adhere to data protection law by failing to run an impact assessment regarding its use of drones to observe Covid lockdown compliance.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
