This page provides advice and information about information rights obligations to those working in the criminal justice sector. It is particularly relevant to the police and others working within law enforcement.

Law enforcement processing under the Data Protection Act webinar

We will be hosting a webinar looking at law enforcement processing under the Data Protection Act at 11am on Monday 17 September, find out more details here.

Surveillance

Our team often receives enquiries about surveillance technology including body worn video, ANPR and unmanned aerial systems. Advice about these technologies is provided in the updated version of the CCTV code of practice. The code sets out the Information Commissioner’s recommendations on how organisations can process personal data within the legal requirements of the Data Protection Act when using these technologies.

The Home Office has published detailed guidance for police forces about the use of body worn video (BWV), which takes into account the management of personal data obtained by the cameras.

Guidance about data protection concerns and BWV was also produced by The College of Policing in August 2014.

 You may also be interested in reading our guide on the responsible recreational use of drones – also called unmanned aerial systems (UAS) or unmanned aerial vehicles (UAVs).

We liaise with the Surveillance Camera Commissioner where appropriate. The Surveillance Camera Commissioner has also produced a code of practice. 

There is more information available about the role of the Surveillance Camera Commissioner and the tools available to help with compliance.

Security

Data Controllers must ensure that they take appropriate technical and organisational measures against unlawful or unauthorised processing, accidental loss, destruction or damage to personal data.  Some of the ICO’s largest civil monetary penalties have been served on data controllers in the police, justice and borders sectors. This frequently occurs where insufficient safeguards have been in place for handling sensitive personal data. Here you will find advice on security measures safeguarding cloud computing and privacy impact assessments.

Further reading