Hello, I’m Alex Carmichael, Chief Executive of the SSAIB, a UKAS Accredited Inspectorate specialising in the security sector. My organisation has been involved in the certification of CCTV systems against Codes of Practice and British standards (e.g. BS 8418) for many years and supports the Surveillance Camera Commissioner, Tony Porter, by inspecting organisations against the Government’s Surveillance Camera Code of Practice.
The direction the Commissioner has given for the standards strand I chair is to ensure that surveillance camera systems meet the requirement of Principle 8 of the Surveillance Camera Code of Practice to raise standards within the industry. This will give end users the confidence that those who specify, design, install, maintain and monitor their surveillance camera system meet an approved criteria and the surveillance camera system performs in the way that the end user expects it to.
There has been a lot of work undertaken already in the standards area and I would recommend that all readers of this blog visit the Commissioner’s website where they can find more information on this. The Commissioner has recently launched a Passport for Compliance (Operational Requirement) to aid end users understand what they should consider when they decide they wish to have a surveillance camera system.
A lot of work has been completed, but to meet the Commissioner’s aims and aspirations, there is still a lot more to do.
From my strand’s point of view, we are now looking at the standard requirements and the certification needs of Manufacturers, Consultants, Installers, and those who monitor surveillance camera systems. These requirements must consider the work of the other Commissioner’s strand leads including cyber security, which you know from previous blogs, Mike Gillespie is leading, installers led by Simon Adcock, training, led by Gordon Tyreman and voluntary adopters led by Philip Jones, to name a few.
Consider the future
Having the inputs from other strands gives my strand a dynamic that should ensure the outputs are practical, reasonable and affordable – the mantra of the Commissioner. But is also makes my strand look at our deliverables in different ways to ensure they are real-world solutions, that meet the needs of the specific sector (e.g. consultants), and those who will employ them (e.g. local authorities).
We also have to consider that surveillance camera systems are changing rapidly, with the rise of the drones, and the use of body worn video systems with the traditional fixed surveillance camera systems (which may also portable and use WiFi). There is also the Data Protection Act to consider or should I say the General Data Protection Regulations (GDPR) which will come into force next May.
As you can see life in the standards strand is very interesting and demanding, as all the strand members discuss the proposed requirements with the organisations they represent and then feedback into the discussions which then makes us think about the direction we are taking with the proposed requirements. Over the coming months, we hope to have produced some more deliverables which will appear on the Commissioner’s website. These deliverables in standards and certification will support the National Surveillance Camera Strategy and, hopefully, make specifying a surveillance camera system easier.
My final request is that you comment on these blogs, as your views are important to all the strand leads.
Also make sure you sign up for email alerts for Tony’s blog, follow him on Twitter to hear all the latest news about the strategy and register to receive information on products being developed as part of the strategy.
Comment by Nigel Peers posted on
As a senior consultant in security in general, recently I have attended a weeks training course regarding EU GDPR and DPO Practitioner. Although the GDPR will be enforced from May 18, I was really surprised at the lack of direction form the instructor / ICO and the commissioner in relation to surveillance and video data protection and the effects of the new regulation. I understand that this is still a very grey area that the WP29 are yet to clarify. What are your views on this?
Comment by Alex Carmichael posted on
Thank you for your comments and your concerns over the GDPR guidance on Surveillance Camera Systems. The ICO has updated its guidance "A data protection code of practice for surveillance cameras and personal information" June 2017 to deal with new surveillance systems. My view is that the ICO will incorporate any GDPR changes that affect surveillance camera systems in the ICO code before May next year.
Comment by Ash Bellwood posted on
Thank you Alex,
The certification of consultants integrators/installers is something I believe has to happen. The intergrators of CCTV systems have to be accountable as much as the end user / data controllers. Especially when setting up network devices securely for cyber related reasons.