Brussels, 18/03/2010 (Agence Europe) - On Wednesday 17 March, following a consultation process launched last July, the European Data Protection Supervisor (EDPS) published guidelines informing the institutions and other European bodies how to use video surveillance appropriately, namely, in a way that minimises the impact on privacy and other fundamental rights. Each institution has until 1 January 2011 to ensure that its practices comply with these guidelines.
In a press release, the deputy data protection supervisor explained that the approach adopted emphasised that “security must … be balanced with fundamental individual rights. This means that fundamental rights and security considerations should not mutually exclude each other”. Giovanni Buttarelli also stated that “by following a pragmatic approach based on the principles of selectivity and proportionality, video surveillance systems can respond to the need for security whilst respecting privacy”.
With the limits included in the legislation on data protection, each European institution and body has a margin of discretion for devising its own system. The guidelines are devised to be adapted to each individual case. This flexibility ought, according to the EDPS, to prevent any rigid or bureaucratic interpretation of data protection concerns becoming an obstacle to the justified necessity of providing security and attaining other legitimate objectives.
At the same time, the EDPS explained that each institution also has to demonstrate that procedures in place comply with demands for data protection. From an organisational point of view, the practices recommended include the adoption of a series of guarantees on data protection and must be described in the institutions' video surveillance policy and in periodic audits verifying compliance of implemented practices. Impact assessments to be carried out by the institutions are being encouraged, whilst preliminary control by the EDPS will still be required for video surveillance systems entailing high risks (covert surveillance or complex preventive surveillance systems).
The EDPS press release concluded that “data protection should not be considered as a regulatory burden or a case in which all the boxes in the compliance case have to be 'ticked off'. On the contrary, it should form part of the organisational culture and good governance upon which decisions are taken by the managers of each institution on the basis of advice provided to them by data protection delegates and consultations with stakeholders”. The guidelines can be consulted at the following address: http: //http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Supervision/Guidelines/10-03-17_Video-surveillance_Guidelines_EN.pdf . (O.L./transl.fl)