7 legal obligations for operating CCTV at your pub

By Poppleston Allen

- Last updated on GMT

Related tags Closed-circuit television

If your pub operates CCTV your responsibilities go beyond ensuring it works
If your pub operates CCTV your responsibilities go beyond ensuring it works
If you use CCTV at your premises you have certain legal obligations. In this article, licensing specialists Poppleston Allen lists some of the main ones.
  1. You must register with the Information Commissioner's Office (ICO) as a ‘data controller’.
  2. You must let people know that they are in an area where CCTV surveillance is being carried out. Displaying signs is the best way of doing this. These should be visible and readable by members of the public and should contain details of the organisation operating the system if it is not obvious.
  3. Where an individual requests CCTV footage in respect of images of themselves then this is deemed a ‘subject access request’. The premises has a duty to respond to this within 40 days and, on reviewing the CCTV footage, it should be disclosed where it is appropriate and available. It is advisable that this response is made in writing and a copy retained for evidence of a timely response.
  4. If the images include those of third parties and you do not have the equipment to blur them out then you should not release the CCTV footage, providing these images of a third party could be an unfair intrusion into the privacy of the third party or cause any unwarranted harm or distress. You may charge for the cost of any blurring or redaction required, if you are able to access equipment to do this, but it would be sensible to explain these charges to the individual requesting the CCTV images beforehand. 
  5. Where you are unsure as to your obligations on disclosing CCTV footage, such as where third-party images may be an issue, it is advisable to seek legal advice or contact the ICO for guidance as soon as practicable. 
  6. In the unfortunate event that you become aware that you have breached your obligations as a data controller, you must inform the ICO of this breach. 
  7. The penalty for a breach of your obligations as a data controller can range from a ‘warning letter’ and advice from the ICO to a fine (which can be up to £500,000), though these larger fines are confined to the most serious of breaches.

In summary, it is important to remember that if you operate CCTV your responsibilities go beyond simply ensuring that it works. The ICO provides helpful and detailed advice on its website.

CCTV is covered by the 2018 GDPR regulations​. 

Cancer patient kicked out of Wetherspoon pub after CCTV flag 

Huge pub brawl caught on CCTV

Pub CCTV leads to eight year prison sentence

Copyright - Unless otherwise stated all contents of this web site are © 2024 - William Reed Ltd - All Rights Reserved - Full details for the use of materials on this site can be found in the Terms & Conditions

Related topics Licensing law

Related news

Show more

Show more

Spotlight

The Morning Advertiser's Lock In Podcast episode 76 Winning ways! Competition kicked off: entry for the 2024 Great British Pub Awards is now open Hunt is under way for the Great British Pub of the Year Scrum down to the pub: the Albany in Twickenham is an England and Harlequins favourite pre and post matches My Pub: the Albany Pub & Dining Room, Twickenham, Surrey The Morning Advertiser's Lock In podcast shortlisted for award Lock In podcast shortlisted for top award

Most popular News

Follow us

Pub Trade Guides

View more

The MA Lock In Podcast

Join us for a Lock In