Application of the DPA to Surveillance Activities

February 20, 2013

The First-Tier Tribunal (FTT) has just issued the first-ever tribunal decision concerning the application of the Data Protection Act 1998 to surveillance activities: Southampton City Council v The Information Commissioner EA/2012/0171, 19 February 2013 (you can download a pdf of the full decision from the panel opposite). In this case, the Council’s licensing committee had resolved in 2009 that all taxis it licensed should be fitted with digital cameras, which made a continuous audio-visual recording of passengers. The Information Commissioner issued an enforcement notice against the Council under the DPA, requiring the Council to stop audio recording, because it was in breach of the Data Protection Principles in the Act (the first Data Protection Principle in particular).

The Council appealed to the FTT. It accepted that words recorded by the equipment were ‘personal data’ for the purposes of the DPA, and the very act of recording was a form of ‘processing’ by the Council under the Act. What the Council disputed was (1) the conclusion that the policy involved the processing of ‘sensitive personal data’ as well as personal data; and (2) the ICO’s finding that the recording and retention of audio data was a disproportionate interference with passengers’ privacy rights under Article 8 of the European Convention.

On both points, the FTT found in favour of the ICO. The FTT said that it was ‘unrealistic’ to contend that the policy did not involve the processing of ‘sensitive personal data’: taxi users would undoubtedly from time to time discuss their own and others’ sex lives, health, politics and so on. The FTT also agreed with the ICO that, although the processing served the legitimate aims of promoting public safety, preventing crime, and protecting persons, it was not proportionate. The FTT observed that there were two important points to note. First, the legitimate aim could only be directed at ‘taxi-related’ crime: the fact that police had been able to obtain useful evidence about other crimes could not therefore come into the balance as a benefit. Secondly, the relevant benefits and disbenefits were only the marginal ones coming from audio recording, because no complaint was made about CCTV in taxis. Against that background, the policy’s significant interference with privacy rights outweighed any resulting benefits. The FTT was particularly impressed by arguments about ‘function creep’, ie the use of the system for other purposes by (say) the police; and by the danger that someone would access and make improper use of the very extensive recorded information. Finally, the FTT said that the ICO was entitled to serve an enforcement notice, given the high public importance of the case.

Plainly, this is a significant decision, whose principles can be read across to a range of surveillance activities carried out by public bodies.

Timothy Pitt-Payne QC and Anya Proops of 11KBW appeared for Southampton City Council and the ICO respectively.

Julian Milford is a barrister at 11KBW. His main areas of practice are employment law and public law:

This report was first published on Panopticon, a blog about Information Law maintained by members of 11KBW’s Information Law Practice Group: