Dashboard-mounted cameras, or dash cams, are a great way of protecting your drivers and your business from false claims and ‘crash for cash’ fraudsters. But if you don’t use them responsibly, you could fall foul of the latest data protection laws.
Dash cams are now a common fixture in many company vehicles. They are proven to combat fraudulent claims and reduce at-fault accident rates, in turn leading to reductions in insurance premiums.
However, these vehicle cameras do fall under the General Data Protection Regulation (GDPR), which came into force in May 2018. GDPR granted new data protection rights to individuals with regards to their personal data, and puts new obligations on companies that store personal data. As with CCTV or other surveillance systems, vehicle cameras record images of people. The image of a person is classed as personal data under GDPR – as is the number plate of their vehicle, if it is privately-owned.
GDPR places new responsibilities on companies including:
• Stricter rules around the collection, storage and use of personal information
• A stronger requirement to provide a clear explanation of the personal data that you process, how you process it and with whom you share that data
• A 72-hour window in which you must notify the regulator of a data security breach
• You are also required to notify any individuals impacted by a data breach
Companies also face much greater penalties under GDPR than under the previous legislation – for the most serious breaches, companies can be fined up to a maximum of €20 million or 4% of their global turnover.
With this in mind, it is important that businesses understand the law and its requirements.
Here are some key points to consider:
1. Ensure that you have a robust dash cam policy, or include the use of dash cams in your existing policy on using, storing or processing personal data
2. Your policy should include the length of time for which you will store footage – do not store data for longer than is absolutely necessary
3. Communicate your policy to users of your vehicles fitted with dash cams
4. Notify members of the public that your vehicles are fitted with dashboard cameras – a simple decal displayed on each vehicle will suffice
5. You must securely store all video footage and photographs. Access to the footage should be restricted to authorised personnel who have received the proper data protection training.
Trakm8 recommends that you download and carefully read the Information Commissioner’s Office (ICO) code of practice for surveillance cameras and personal information; and the ICO guide to GDPR:
Referenced within the ICO code of practice is the Surveillance Camera Commissioner’s Code of Practice, which you should also read:
Please note that the Surveillance Camera Commissioner’s Code of Practice only covers England and Wales - Scotland has its own CCTV Code of Practice, which can be found here:
You can find more information about Trakm8’s approach to GDPR here:
If this all sounds a bit daunting, don’t panic! Trakm8’s dash cam experts can help explain the key steps and help you avoid any pitfalls, as part of our customer service.
Share this article: