A potential legal problem with many DVR's ...?, Is there an obvious solution? Options

[Doktor Jon]

Every now and again, I find myself going round in circles trying to rationalise a particular problem, which in an ideal world shouldn't be a worry.

One particular aspect of using DVR ( and NVR) recorders has been bothering me for quite some time, and my concerns are if anything increasing.

At present, most DVR's are fitted with Hard Disc Drives (HDD) which are not operator removable (there are of course a few exceptions).

Now the potential problem is if an incident is recorded, it only occupies a relatively small amount of storage space, on what is most probably a fair sized disc. In most situations, the section of recorded activity will be transferred to a CD or DVD, and that will be retained for possible use in court.

However, if as has already happened in the real world, the defence asks for access to the other material originally recorded on the DVR, the chances are it's probably long since been deleted or overwritten. So if the material is not available, there is a very real possibility that the 'video evidence' may be thrown out of court as incomplete, or in extreme situations the case may collapse.

I suppose there are really only four possible options worthy of consideration.

1] A spare DVR is held in reserve to replace the working unit, should its recordings be required for possible court use. In practice, it is very rare that any client / end user would be prepared to spend money on a redundant machine.
2] The HDD is swapped out for a replacement unit, although the drive containing all the precious recordings, may not be usable in an alternative machine.
3] All the contents of the HDD are 'backed up' to another recording medium, which is potentially expensive and slow to complete, and may not be replayable outside of the original host machine.
4] DVR manufacturers look to standardise on a "removable" HDD format, so that if anything is captured on disc, it can be quickly removed and stored away in a safe place, for possible later use in court.

It's perhaps worth mentioning that in extreme cases, the police in the U.K. do have powers to seize any first line evidence, so if a DVR has recorded an incident, and it needs to be reviewed or analysed in detail, then in theory the expensive recorder could be bagged up and locked away in an evidence room for quite some time.

Has anyone any thoughts, ideas or suggestions on the most practical way of overcoming what is longterm a potentially serious operational problem?

[Mr Jeff]

I don't think its as big a problem as you may think.

Most CCTV evidence is usually superceeded by more concrete evidence. Its not often a whole case rests on the CCTV footage.

Times when whole HDDs are taken are usually after terrorist incidents.

What did we do in days of VHS? Take a whole bank of tapes?

The philosophy regarding HDDs should be that they are consumables, if they have to be removed and replaced, it is a consumable item, just like a VHS tape used to be.

If you want to store 300Gigs of info (=30 VHS) then you should be prepared to archive and replace that amount.

After all prices of disks are coming down, apart from just before Christmas. (IMG:style_emoticons/default/smile.gif)

Jeff

[Rich]

I thought the courts had problems playing anything other than video tapes (IMG:style_emoticons/default/smile.gif)

I was also under the assumption that evidence saved directly to the DVR's archive media was classsed as a master copy, so whatever footage that is used in court is the only evidence that needs to be submitted.

Do you have any more information on this case? could it have been mentioned on the lines that the defendant was seen in the property a few days before and was now thought to have made an initial visit to check the place out, and it was that event where the recording was missing?

Man walks into a jewlers with a gun and demands goods from the shop keeper, now surely thats the crime, and any recordings saved to any media for evidence from when the man enters the shop until he leaves is all thats required?

[Doktor Jon]

I seem to have spent an inordinate amount of my less than distinguished career playing devils advocate, so why should this forum be any different (IMG:style_emoticons/default/blush.gif)

The point I was trying to make, is that as with most things in life, questions are usually only ever asked when the words pear and shaped are usefully slotted into the same sentence.

During the previous stages of CCTV and latterly IP Video development, the legal system was quite content to sit back and play a slow game of catch-up, and yet anecdotally, it would appear that those extremely well paid ladies and gentleman of the Bar (legal professionals), are increasingly looking for loopholes and 'get me out of jail' cards, in order to extract their clients from the arthritis riddled fingers of justice.

It is probably not unreasonable to suggest that longterm, there will be an increased reliance on the use of video recorded evidence, for perhaps no other reason than there will be a lot more of it available.

That said, I did read recently about a case that was thrown out, on the basis of what I previously outlined.
A recording from a camera was submitted as evidence, but the recordings from other cameras on the system which were subsequently requested, were not available to the court, simply because they had long since been overwritten, and nobody thought to copy them at the time.

I'll have a look around and see if I can find the reference. If anyone knows it, perhaps they'd be kind enough to post the information.

I am generalising a wee bit simply to convey a point, but recording retention should perhaps be given more thoughtful consideration, particularly in situations which may have 'Homeland Security' implications. It may not be a significant problem yet, but all that can so easily change for the unlikeliest of reasons.

[Mick]

................... It's perhaps worth mentioning that in extreme cases, the police in the U.K. do have powers to seize any first line evidence, so if a DVR has recorded an incident, and it needs to be reviewed or analysed in detail, then in theory the expensive recorder could be bagged up and locked away in an evidence room for quite some time ....................

The police have done this in the past and will no doubt (in extremis) do the same in the future when needs must.



Because of this possibility, many of London's public space CCTV operations now have extensive copying facilities (bulk downloads).



I believe "Lightbulb" has a particularly good system where he is.



One thing that has never really been bottomed out is HOW MUCH data (before and after the incident, and from how many cameras) do the police need. As far as I know there is no specific guidance on this matter . Each case has to be treated on its own individual merits.



Mick

[Doktor Jon]

One thing that has never really been bottomed out is HOW MUCH data (before and after the incident, and from how many cameras) do the police need. As far as I know there is no specific guidance on this matter . Each case has to be treated on its own individual merits.

Mick, I think you're correct about there not being any specific guidance on recording retention, perhaps because every situation has it's own specific operational requirements, and nobody as far as I know has ever bothered to sit down and have a proper think about it (I'm probably going to wish I'd never said that (IMG:style_emoticons/default/wink.gif) ).

Ideally, for smaller system operators, the option of removing a hard drive and storing it away whilst using a replacement, may provide the obvious low cost solution. It would give the required level of flexibility in terms of retaining potential evidence, without breaking the bank.

As most DVR's do not currently provide a user removable or external hard disc option, it would be interesting to see this point discussed both from the end users perspective, and also the DVR manufacturers.

If it were possible to move towards this type of set up, it may well solve a lot of post incident issues, particularly if manufacturers were able to actively consider this as a 'recommended' option for their trade customers, rather than it being the present industry rarity.

[Matt the Teckie]

I far as I understood it, all you need to do when when presenting footage as evidence is PROVE that it's an original copy of the information recorded. There's a dead easy way of doing this and most DVRs comform... Provided the information is encrypted, and can ONLY be played back using either the manufacturers hardware or software application, it can be assumed that it is an origonal copy.

Since the information's encrypted, it can't be tampered with. Anti tamper can be proven further by the use of watermarking techniques that are sometimes included in the encode.

Some manufactures also provide a utility with the player application to produce an actual certificate of authenticity when it successfuly reads the watermark code.

The use of MPEG4 recording open up a whole new debate on evidential video capture. As we know, photographs, Video recordings and JPEG capture techniques are very simple in the way that they operate. You present a image and that image is sampled and recorded at a specified rate... done. With MPEG4 recording, there's a predictive and "intelligent" aspect to the recording. Each frame that you seen on the screen is not always an image in its own right. The frame that you see might only be the changes noted (or "expected") in the scene from say 5 seconds ago. This being the case, the full frame image capture (the I-Frame) has been manipulated. If the image has been manipulated, can it be submitted as evidence? One for Rumpole I suspect.

As there are new and improved compression techniques being adopted by many DVR manufactures, it takes the legal system time to assess the new technologies' susceptability to predictive and external manipulation so I guess we'll be having this debate again at some point. Anyone remember the auguments had when we moved from analogue to digital?

Best advice,

• Stick to MJPEG for alarm recording,
• Use a video printer (Photographic) if you can for very high security applications.
• Ensure your DVR saves information to the CD or DVD in encrypted form.
• Never, never never save information as an AVI or any other media file.
• Make sure the kit's BS8418 compliant.
• Don't use MPEG4 recorders if you need to be absolutly sure the information can be submitted as evidence. (Don't forget, you don't ways need the footage in court, it might only be requried to "persuade" the perpetrator to confess).
• Focus the bloody camera!

Am I rambling (IMG:style_emoticons/default/eek.gif) ?

Sorry, had too much coffee this morning!

[Doktor Jon]

Very interesting comments Matt (IMG:style_emoticons/default/notworthy.gif)

The whole issue of evidential suitability is pretty much a minefield that has yet to be crossed. It's perhaps the lack of understanding regarding the technical aspects of 'Digital' recording, which are conveniently overlooked by the judicial process. As I understand it, as long as the recording seems to be of the suspect or individual in question (allegedly), then little interest is actually paid into the hows and wherefores by which the recording actually originated.

Just out of interest Matt, what are the implications for using other compression techniques? I would imagine that along with M-JPEG, JPEG 2000, Wavelet or MPEG-2 would perhaps also be suitable options?
As regards MPEG-4, again I would have thought that H.264 would also suffer many of the advantages and disadvantages in terms of image sampling / file sizes?
You mentioned the problems of submitting / authenticating .avi files, but what other formats would you recommend that practitioners avoid ... ?

In most cases, technical considerations aside, I would imagine that as with most material submitted as evidence, it would be up to the judge on the day, as to whether it was deemed acceptable.

That said, the underlying point of why I started this thread, comes back to whether the technical design of a record system is understandably being optimised for quality against record duration, without any deep consideration of the potential challenges that may come about if the recordings are eventually submitted to court.

So for example, if eight cameras were recorded to a DVR, only one was copied in part to DVD for submission, and the other seven were eventually overwritten; what then happens if the defence demands access to the other cameras recorded, only to find that the material has long since been wiped? I believe this scenario has occurred in the past, with the result that the case was compromised.

I suppose the point I'm trying to get to is, as an industry, should we be accepting a technical compromise on the way equipment is used, simply because it's easier to go along with whats widely available, rather than what might be considered highly advisable?

Looks like too much coffee for me too (IMG:style_emoticons/default/laugh.gif) (IMG:style_emoticons/default/laugh.gif)

P.S. Anyone know the latin for "Focus the bloody camera"; I could use it on my family crest (IMG:style_emoticons/default/wink2.gif)

[Mick]

The police have been debating issues linked to CCTV systems and the evidential suitability of their END PRODUCT for some time now. Particularly with the advant of 'Digital' recording.



When Digital came along, we saw the rapid rise of that well known CCTV supplier "Confuse erm, Floggit and Scarrper" . (IMG:style_emoticons/default/no.gif)



They installed many small CCTV system (for example those for corner shops, off licences and small independant garages).



The recording format used was generally only readable to a Venusian, and when it could be "read" the end product was of a very poor quality (The image on the media could either have been my mother - in - law or a prize winning Friesian Heifer). Also, there was often no way of "Downloading" the images (data), so as Jon mentioned earlier in this thread ................. the whole hard drive had to be taken.


With these sort of problems building up for the police, in FEB 2005 this document was produced jointly by the Home Office and ACPO -



See the PDF file on this page - http://www.crimereduction.gov.uk/cctv/cctv36.htm



It offers guidance to potential users of digital CCTV systems, where the pictures are likely to be used by the police or in an investigation.



It ain't great ........... but it is the best we have for now.



Mick

[Doktor Jon]

That firm you mentioned Mick, I think they were taken over not so long ago by a larger group, Fleecum, Bodgit and Scram plc (IMG:style_emoticons/default/eek.gif)

In a strange way, this thread is rapidly developing into a perfect example as to why this Forum can provide a very useful conduit for exchanging ideas and discussing problems, which would otherwise be left unmentioned.

The Home Office document (thanks for the link Mick) provides a very useful overview of the basics when it comes to considering a systems recording requirements. What it cannot do is explore any of the individual points in any greater detail. I would imagine the target audience is mostly end users / system operators, and perhaps the last thing they want is to be thoroughly confused with extra detail, when it can often be hard enough just coping with the basics.

I noticed on the Home Office chart it says that ...
"13. The system should be able to quickly export video and stills to a removable storage-medium ..."
"14. Export should include any software needed to view or replay the pictures"
" 15. The system should have an export method proportionate to the storage capacity "

Interestingly, it also makes reference to the requirements of the "investigator", in particular the need for rapidly presenting just the information required for the investigation. It doesn't take account of the requirements of other interested parties in the judicial system, for example the defence barrister.

Which comes back to the point that if we only export the bits which the investigating officer deems appropriate, or which the systems owner provides, then the remainder could be lost, and the case potentially compromised (IMG:style_emoticons/default/sad.gif)

Without wishing to state the obvious, there is always the possibility that a small private CCTV system installed for the protection of a private property, may at some stage be required to provide images as part of a serious crime investigation, or worse still an act of terrorism.

As Matt has expertly pointed out, depending on the type and level of compression, recordings could again be (and indeed are on a regular basis) deemed almost impossible to recover to an acceptable level of quality, and so are useless for their intended purpose.

Now Mick, I won't hear a bad word about that good looking cow you mentioned, in any case, mine looks much more like a Blonde d'Acquitaine (IMG:style_emoticons/default/wink2.gif)

[Mick]

................................... As Matt has expertly pointed out, depending on the type and level of compression, recordings could again be (and indeed are on a regular basis) deemed almost impossible to recover to an acceptable level of quality, and so are useless for their intended purpose.

You touch on a really topical point (topical with the police that is) there Jon.



You will remember the Information Commissioner's (IC) CCTV Code Of Practice - Stickied here - http://www.doktorjonsforum.co.uk/forum/ind...hp?showtopic=66



Well you will see, at the top of page 9 of the CCTV Code Of Practice these wise words -

Quality of the Images

It is important that the images produced by the equipment are as clear as possible in order that they are effective for the purpose(s) for which they are intended. This is why it is essential that the purpose of the scheme is clearly identified. For example if a system has been installed to prevent and detect crime, then it is essential that the images are adequate for that purpose. The Third, Fourth and Fifth Data Protection Principles are concerned with the quality of personal data, and they are outlined in more detail in Part II. The standards to be met under this Code of Practice are set out below.

Unfortunately the IC has no resources available to ensure compliance with the code.

[Doktor Jon]

You touch on a really topical point (topical with the police that is) there Jon.

You will remember the Information Commissioner's (IC) CCTV Code Of Practice - Stickied here - http://www.doktorjonsforum.co.uk/forum/ind...hp?showtopic=66

Well you will see, at the top of page 9 of the CCTV Code Of Practice these wise words -

It is important that the images produced by the equipment are as clear as possible in order that they are effective for the purpose(s) for which they are intended. This is why it is essential that the purpose of the scheme is clearly identified. For example if a system has been installed to prevent and detect crime, then it is essential that the images are adequate for that purpose. The Third, Fourth and Fifth Data Protection Principles are concerned with the quality of personal data, and they are outlined in more detail in Part II. The standards to be met under this Code of Practice are set out below.

Unfortunately the IC has no resources available to ensure compliance with the code.

Greetings Mick,

Hope you're having a very enjoyable break! (IMG:style_emoticons/default/yes.gif)

This really is a super hot topic, and one which I've actually been discussing with a number of people just recently.

The main difficulty is that whilst the wording of the ICO's Code of Practice may be very well intentioned, in practice it actually says very little that is of any practical use to most CCTV System Operators.

Where there are terms like "...the purpose of the scheme...", most operators (and remember I am talking in very general terms) would be more than content to say, 'it's primarily being used to deter criminal activity, or the system is intended to be effective at detecting crime', and yet we both know that the concept of deterrence and indeed detection, is actually far more complex than simply sticking a camera on a wall and calling it CCTV.

The whole way in which the Operational Requirements are currently defined, perhaps needs to be addressed in a far more accurate and intuitive way, so that when things do eventually go pear shaped, allowances have already been made to provide the essential images necessary for effective forensic surveillance.

The ICO states that "... if a system has been installed to prevent and detect crime, then it is essential that the images are adequate for that purpose.". What it doesn't say is that those are two seperate issues, and using the current toolbox available, there are almost unlimited combinations of equipment that could be applied in a given situation, but perhaps only two or three configurations that would actually be optimised for both objectives.

To be brutally honest, the ICO is neither resourced or experienced enough to fulfil a highly technical role such as CCTV assessment, and it would perhaps be unreasonable to expect them to do so.
In the U.K., I would imagine that the Home Office Scientific Development Branch (HOSDB) are perhaps the most capable agency to develop a presence in this field, if and when they are sufficiently resourced to undertake the vital objective of "getting it right".

Personally, I've always wanted to see an independent inspectorate, not so much as Big Brothers bigger brother, but more in terms of an agency overseeing and directing the 'intelligent' use of video surveillance, so that systems are applied both effectively and appropriately.

I'm still pondering what if anything can be done to make a difference in the short term, and given that we are already building up quite a band of merry (and widely experienced) fellows here on the forum, if I do manage to come up with any obvious answers (or if anyone would be kind enough to put forward their suggestions), then rest assured you'll be able to read it here first (IMG:style_emoticons/default/laugh.gif)

[Ilkie]

This is a subject dear to my heart, especially as I was called out two nights ago to undertake this very task!

In my opinion most CCTV DVRs lack the capability for bulk downloads that are now being required more and more often, as the Senior Investigating Officer requires footage from cameras that may be demanded by the Defence. (Don't get me started on clock sync capabilities!)

We have seen incidents that in the past would have required 10 minutes from a couple of relevant cameras to be downloaded to a situation now where footage from all the cameras in the surrounding area are required for in excess of an hour each.

Of course (I believe) the Police are required to seize all relevant evidence under PACE (and no images captured may well be relevant), so they will tend to ask for everything.

For our customers, we are required to hold stock of spare DVRs for allow swap out to allow bulk down loads.

Normally the cost of replacement hard drives is met by the Police.


From the designer/installer viewpoint, we should be continually banging the drum of reverting to basic principles.

1) State the operational requirement and the purpose for the system.

2) Ensure the end user signs up in agreement of the above.

3) Confirm the installed system meets the requirements (ie fit for purpose)

4) Ensure that the system is regularly checked to confirm that the the system continues to meet the OR and is is fit for purpose.

This is a legal requirement under DPA, which I believe, is based in criminal law (perhaps Mick can confirm).

Everything else, image size, frame rate, resolution, bulk downloads, clock synchronisation etc follows from the above.

Sorry for rambling, but late night last night!

Regards

Ilkie

[MichaelC]

That makes a lot of sense Ilkie (IMG:style_emoticons/default/thumbsup_anim.gif)

This swapping of DVR's sounds a bit like the service offered by Business Continuity companies, that stock huge quantities of computers 'ready to go', for when a large company has a major systems failure and they need to quickly set up a backup operation.

I'll make a note of your service, as it could be useful to know for the future (IMG:style_emoticons/default/yes.gif)

[Doktor Jon]

From the designer/installer viewpoint, we should be continually banging the drum of reverting to basic principles.

1) State the operational requirement and the purpose for the system.

2) Ensure the end user signs up in agreement of the above.

3) Confirm the installed system meets the requirements (ie fit for purpose)

4) Ensure that the system is regularly checked to confirm that the the system continues to meet the OR and is is fit for purpose.

This is a legal requirement under DPA, which I believe, is based in criminal law (perhaps Mick can confirm).

Everything else, image size, frame rate, resolution, bulk downloads, clock synchronisation etc follows from the above.

Sorry for rambling, but late night last night!

Regards

Ilkie

If that's what you're like when you're rambling Ilkie, I can't imagine what your like normally (IMG:style_emoticons/default/biggrin.gif)

Some excellent points made, and I really couldn't agree more about getting the basics sorted first.

I know from personal experience that much of what could be achieved very easily, can often fall victim to the charms of Lady Compromise.

For an experienced CCTV advisor or consultant, it is often very easy to spot potential problems or techniques that could be applied on the basis of 'best practice', or indeed take account of a wide range of possible eventualities when discussing the final design of an appropriate system.

The problem is, a client may frequently choose to ignore the advice / experience , often for the most basic of 'human nature' reasons.

So as a fairly obvious example, if it were argued that the requirements for Passive Evidential Recording in a given situation, may be best served using fixed and optimised cameras, the client may suggest that they would rather spend more money on "state of the art" remote control cameras, simply because they look more impressive (particularly to their bosses).

So rather than going for the correct technical solution, they instead prefer to adopt the sexy solution; then when the brown stuff eventually makes contact with the fast moving whirly thingy, the general concensus is that "CCTV doesn't work" (IMG:style_emoticons/default/rolleyes.gif)

It's also important to consider that whilst much attention is focussed on adherence to the DPA, a significant number of existing systems may actually be exempt from mandatory compliance, and although it could be considered "Best Practice" to follow the spirit of the legislation, it wouldn't in itself guarantee that a DPA observant system is necessarily optimised for its intended purpose.

Now who's rambling ...? (IMG:style_emoticons/default/laugh.gif) (IMG:style_emoticons/default/laugh.gif)

[Mick]

This is a legal requirement under DPA, which I believe, is based in criminal law (perhaps Mick can confirm).

My understanding is as follows -

The Data Protection Act came to us via European Legislation.

Its general intention is to give individuals the right to access information held about them by organisations and public / government authorities. The act governs how organisations can use the personal information that they hold - including how they acquire, store, share or dispose of it.

The act is administered and enforced by the Information Commissioner (IC)- an independent authority who is appointed by the Queen and reports directly to parliament.



The Data Protection Act does not specifically relate to CCTV images. In fact (as I said earlier) there is NO UK Legislation specifically covering public space CCTV.



However as public space CCTV spread across the UK, the predessessor to the IC (the Data Protection Commissioner) acting on concerns voiced to her about how CCTV images were being processed / managed. And the fact that CCTV images could be interpreted as Personal Data (in some cases perhaps even SENSITIVE Personal Data) ................ Resulted in her office drawing up the CCTV Code of Practice.



The CCTV Code of Practice IS ONLY GUIDANCE.

If CCTV managers / operators don't follow that guidance, they still may not breach the overarching Data Protection Legislation. Image quality is a very subjective matter and so any prosecution relating to the quality of image being fit for purpose, may be very difficult to progress. So (I am guessing) quite naturally the IC's office has steered well clear of this issue.



I suspect the IC's office could more easilly prosecute CCTV operations for breaches of some of the other data protection principles. For example passing CCTV images (personal data) outside the EEC / or keeping CCTV images for far longer than is really necessary.



Prosecutions for any breaches of the Data Protection Act can (as far as I know) only be carried out by the IC, and I am not aware of any CCTV operations being dealt with under that legislation.



I think all this fuzzyness highlights the need for some primary public space CCTV specific legslation.



(Hopefully my understanding / interpretation fr this matter is correct, but if not please feel free to put forward other views and opinions).

[Ilkie]

I do not profess to be a expert in anything (my wife continues to remind me) and even more so when it comes to the law, however I think the Act allows the DPP to instigate proceedings (see the relevant section quoted below).

So hypothetically if the Police recommended that such action should take place, would the DPP not be obliged to consider the action?



"Prosecutions and penalties. 60. - (1) No proceedings for an offence under this Act shall be instituted-

(a) in England or Wales, except by the Commissioner or by or with the consent of the Director of Public Prosecutions;"


I have also seen some systems where they cannot contravene the DPA as the cameras are incapable of recording any personal data.


Ilkie (in ramble mode again)

[Doktor Jon]

My understanding is as follows -

The Data Protection Act does not specifically relate to CCTV images. In fact (as I said earlier) there is NO UK Legislation specifically covering public space CCTV.

The CCTV Code of Practice IS ONLY GUIDANCE.

If CCTV managers / operators don't follow that guidance, they still may not breach the overarching Data Protection Legislation. Image quality is a very subjective matter and so any prosecution relating to the quality of image being fit for purpose, may be very difficult to progress. So (I am guessing) quite naturally the IC's office has steered well clear of this issue.

I suspect the IC's office could more easilly prosecute CCTV operations for breaches of some of the other data protection principles. For example passing CCTV images (personal data) outside the EEC / or keeping CCTV images for far longer than is really necessary.

Prosecutions for any breaches of the Data Protection Act can (as far as I know) only be carried out by the IC, and I am not aware of any CCTV operations being dealt with under that legislation.

(Hopefully my understanding / interpretation fr this matter is correct, but if not please feel free to put forward other views and opinions).

The problems with the DPA in relation to the use of video surveillance are indeed many and varied.
I think you are absolutely spot on Mick, about the Commissioner steering well clear of any heavyweight policing in relation to possible breaches of the Act.

When I last consulted them about current enforcement policies, they confirmed that (at that time), no organisations had ever been the subject of legal action over repeated failure to comply.

In fact, I was told that the incidence of organisations being formally contacted in relation to the non compliant use of CCTV, was so rare as to be virtually unheard of. Now I've no idea whether that situation has changed at all recently (makes mental note to add to a long list of outstanding things to update (IMG:style_emoticons/default/dry.gif) )

Although the Information Commissioner is the regulator, I would imagine that it is theoretically possible for actions to be brought by other agencies, if they felt so inclined; although having said that, if the Commissioners Office feels that it's unwarrented to persue an action, then it is probably borderline inconceivable that any other organisation would waste any money on a test case.

The export of 'personal data' CCTV outside of the EU, is now virtually impossible to enforce, simply because IP Video or Network Video systems, make it so easy to transmit data streams globally using the internet, and in a purely practical sense, it would in many cases be an uphill struggle to try and find out where the material had been originated.

It's probably worth briefly mentioning that as the DPA makes special provision for exemption where a criminal investigation is involved, the chances are that if recorded material was obtained in breach of the Act, but then subsequently submitted as evidence, the courts would hopefully apply a common sense ruling on its admissability (IMG:style_emoticons/default/unsure.gif)

[Doktor Jon]

So hypothetically if the Police recommended that such action should take place, would the DPP not be obliged to consider the action?

I have also seen some systems where they cannot contravene the DPA as the cameras are incapable of recording any personal data.
Ilkie (in ramble mode again)

On the basis of increasing anecdotal evidence, it does appear that many police forces apply their interpretation of the DPA on all situations, as it would apply to them. In practice, this is very often not the case.

Personally, I would find it hard to relate a situation where the police or the DPP would entertain the notion of persuing a breach of the DPA, particularly as it is much easier to simply refer it back to the ICO.

On a technical albeit pedantic note, the DPA can be applied to systems that are not equipped with any recording facility, if the CCTV equipment is being used to actively monitor the behaviour or activities of a data subject.

The most recent court ruling has underlined the interpretation that the type of equipment being used is not relevant, but rather the way in which the technology is being applied.

So as an example, in a commercial setting, passively recording individuals without replaying or monitoring the recordings, would be exempt from the Act, whereas watching an individual on a monitor would require notification and compliance (unless of course it was part of a criminal investigation, in which case you can proibably guess the rest (IMG:style_emoticons/default/laugh.gif) ).

[AndyFox]

after reading this thread (slightly off thread) I thought I would just give you my thoughts. First of all we do DVR's in vehicles and in fixed CCTv and we offer removable HDD, so the user can swap hard drives as they wish.

Secondly, my role here is as Director of Computer Forensics and this plays an important role with some clients we deal with in the digital CCTV world. Hard drives can not only overwrite but also write data to several parts (or sectors) of a HDD. This means that one is likely to have only physically saved an item once but the hard drive will actually make mulitple savings in different parts (sectors) of the disk. I won't go technical unless peope want me to, suffice to say that just because a recording has been overwritten does not necesarily mean that the data, or video in this case, is not there. Forensic people like me would always say there may be a possibility of retreiving the data even though to the user it does not appear to be there. Lots of technical things like slack space, sectors, unallocated clusters etc etc. but the software that forensic examiners like me use means that we can examine different parts of the disk to retriev footage that had been deleted.