• At Kemp Little, we are known for our ability to serve the very particular needs of a large but diverse technology client base. Our hands-on industry know-how makes us a good fit with many of the world's biggest technology and digital media businesses, yet means we are equally relevant to companies with a technology bias, in sectors such as professional services, financial services, retail, travel and healthcare.
  • Kemp Little specialises in the technology and digital media sectors and provides a range of legal services that are crucial to fast-moving, innovative businesses.Our blend of sector awareness, technical excellence and responsiveness, means we are regularly ranked as a leading firm by directories such as Legal 500, Chambers and PLC Which Lawyer. Our practice areas cover a wide range of legal issues and advice.
  • Our Commercial Technology team has established itself as one of the strongest in the UK. We are ranked in Legal 500, Chambers & Partners and PLC Which Lawyer, with four of our partners recommended.
  • Our team provides practical and commercial advice founded on years of experience and technical know-how to technology and digital media companies that need to be alert to the rules and regulations of competition law.
  • Our Corporate Practice has a reputation for delivering sound legal advice, backed up with extensive industry experience and credentials, to get the best results from technology and digital media transactions.
  • In the fast-changing world of employment law our clients need practical, commercial and cost-effective advice. They get this from our team of employment law professionals.
  • Our team of leading IP advisors deliver cost-effective, strategic and commercial advice to ensure that your IP assets are protected and leveraged to add real value to your business.
  • Our litigation practice advises on all aspects of dispute resolution, with a particular focus on ownership, exploitation and infringement of intellectual property rights and commercial disputes in the technology sector.
  • We have an industry-leading reputation for our outsourcing expertise. Our professionals deliver credible legal advice to providers and acquirers of IT and business process outsourcing (BPO) services.
  • We work alongside companies, many with disruptive technologies, that seek funding, as well as with the venture capital firms, institutional investors and corporate ventures that want to invest in exciting business opportunities.
  • Our regulatory specialists work alongside Kemp Little’s corporate and commercial professionals to help meet their compliance obligations.
  • With a service that is commercial and responsive to our clients’ needs, you will find our tax advice easy to understand, cost-effective and geared towards maximising your tax benefits.
  • At Kemp Little, we advise clients in diverse sectors where technology is fundamental to the ongoing success of their businesses.They include companies that provide technology as a service and businesses where the use of technology is key to their business model, enabling them to bring their product or service to market.
  • We bring our commercial understanding of digital business models, our legal expertise and our reputation for delivering high quality, cost-effective services to this dynamic sector.
  • Acting for market leaders and market changers within the media industry, we combine in-depth knowledge of the structural technology that underpins content delivery and the impact of digitisation on the rights of producers and consumers.
  • We understand the risks facing this sector and work with our clients to conquer those challenges. Testimony to our success is the continued growth in our team of professionals and the clients we serve.
  • We advise at the forefront of the technological intersection between life sciences and healthcare. We advise leading technology and data analytics providers, healthcare institutions as well as manufacturers of medical devices, pharmaceuticals and biotechnological products.
  • For clients operating in the online sector, our teams are structured to meet their commercial, financing, M&A, competition and regulatory, employment and intellectual property legal needs.
  • Our focus on technology makes us especially well positioned to give advice on the legal aspects of digital marketing. We advise on high-profile, multi-channel, cross-border cases and on highly complex campaigns.
  • The mobile and telecoms sector is fast changing and hugely dependent on technology advances. We help mobile and wireless and fixed telecoms clients to tackle the legal challenges that this evolving sector presents.
  • Whether ERP, Linux or Windows; software or infrastructure as a service in the cloud, in a virtualised environment, or as a mobile or service-oriented architecture, we have the experience to resolve legal issues across the spectrum of commercial computer platforms.
  • Our clients trust us to apply our solutions and know-how to help them make the best use of technology in structuring deals, mitigating key risks to their businesses and in achieving their commercial objectives.
  • We have extensive experience of advising customers and suppliers in the retail sector on technology development, licensing and supply projects, and in advising on all aspects of procurement and online operations.
  • Our legal professionals work alongside social media providers and users in relation to the commercial, privacy, data, advertising, intellectual property, employment and corporate issues that arise in this dynamic sector.
  • Our years of working alongside diverse software clients have given us an in-depth understanding of the dynamics of the software marketplace, market practice and alternative negotiating strategies.
  • Working with direct providers of travel services, including aggregators, facilitators and suppliers of transport and technology, our team has developed a unique specialist knowledge of the sector
  • Your life as an entrepreneur is full of daily challenges as you seek to grow your business. One of the key strengths of our firm is that we understand these challenges.
  • Kemp Little is trusted by some of the world’s leading luxury brands and some of the most innovative e-commerce retailers changing the face of the industry.
  • HR Bytes is an exclusive, comprehensive, online service that will provide you with a wide range of practical, insightful and current employment law information. HR Bytes members get priority booking for events, key insight and a range of employment materials for free.
  • FlightDeck is our portal designed especially with start-up and emerging technology businesses in mind to help you get your business up and running in the right way. We provide a free pack of all the things no-one tells you and things they don’t give away to get you started.

Can operators of home CCTV be classified as data controllers?

In the era of drones, selfies and YouTube, it is perhaps unsurprising that sales of home CCTV kits, and in particular, IP video surveillance systems (which allow digital video footage to be recorded, stored and viewed on internet connected devices), have experienced explosive sales growth. However, a recent Czech case[i] has resulted in a potentially ground breaking decision by the European Court of Justice (ECJ), which could have significant implications for domestic video recording.

Facts

Throughout 2007, Mr Ryneš and his family had been the victims of vandalism, and on various occasions the windows to their house had been smashed. They did not know the identities of the vandals. In response to these episodes, Mr Ryneš installed a CCTV camera system on his property. The camera recorded visual images, but no sound. It was installed on the eaves of the property, in a fixed position, and recorded the entrance to his house, a public footpath and the house opposite. All recording data was transmitted to a hard drive, to which only Mr Ryneš had access.

Unfortunately, the vandals soon returned for another bout of window smashing, this time using a catapult. However, Mr Ryneš’ CCTV system proved effective. The resulting video footage captured both the attack, and the faces of the vandals. Mr Ryneš handed the recording to the police, who were able to use the footage to identify the culprits. The video recording was used as evidence in the resulting criminal proceedings.

Interestingly, one of the suspects submitted an argument to the Czech Office for the Protection of Personal Data, that Mr Ryneš’ CCTV footage should not be admissible in court.  He argued that it was recorded without his consent, while he was standing on a public footpath in front of the Ryneš’ family home. In a dramatic twist to the tale, the Office agreed, taking the view that Mr Ryneš (the victim in this saga) should in fact be fined, for being in breach of Czech personal data protection rules[ii].  They said that:

  • as a data controller, Mr Ryneš had used the home CCTV system to collect personal data from people in a public place, without their consent; (remember- the camera was also facing a public footpath, plus the entrance to the house opposite);
  • Mr Ryneš had not provided a privacy notice to inform people passing by that they would be captured on CCTV; the extent and purpose of the processing; who was carrying out the processing; and who would have access to the data; and
  • Mr Ryneš had failed to notify the Czech Office for the Protection of Personal Data that he was processing personal data in the first place.

Mr Ryneš was, quite understandably, surprised by this decision and appealed, arguing that his use of CCTV equipment was permitted on the basis of an exemption under Article 3(2) of the EU Data Protection Directive[iii], which states that “the Data Protection Directive shall not apply to the processing of personal data by a natural person in the course of a purely personal or household activity.” However, Mr Ryneš’ appeal was dismissed.

He appealed again, this time to the Czech Republic’s Supreme Administrative Court, who in turn, referred the following specific question to the European Court of Justice (ECJ):

Can the operation of a camera system installed on a family home for the purposes of the protection of the property, health and life of the owner of the home, be classified as the recording of personal data “by a natural person in the course of a purely personal or household activity” for the purposes of Article 3(2) of the Data Protection Directive, even though such a system also monitors a public space?

The ECJ's preliminary decision

Firstly, the ECJ ruled that the interpretation of the Article 3(2) Data Protection Directive exemption for a “purely or personal household activity”, should be narrowly construed. Where a camera’s positioning results in video footage of both the individual’s private home, but also partially captures a public space, the definition of “purely or personal household activity” is not fully satisfied, and thus the Directive will apply.

Secondly, as personal data is defined under Article 2(a) as “any information relating to an identified or identifiable natural person”, the ECJ clarified that video footage from a CCTV camera will constitute personal data, as it is possible to identify the person from the footage. The ECJ also confirmed that if the CCTV is recording on a continuous basis, it will satisfy the definition of “automatic processing of data”, under Article 3(1)[iv]

However, in applying the Directive, the courts of EU Member States must also take into consideration the following:

  • Article 7(f)[v]: The legitimate interest of the person who has engaged in the processing of personal data (the “data controller” – Mr Ryneš in this case) in protecting the property, health and life of his family and himself;
  • Article 11(2)[vi]: The data subject will not need to be informed that data processing is being carried out, where the provision of such information proves impossible or would require a disproportionate amount of effort; and
  • Member States may, under Article 13(1)[vii] adopt legislative measures to restrict the scope of the obligations and rights provided for in Article 11(1), if such a restriction constitutes a necessary measure to safeguard the prevention, investigation, detection and prosecution of criminal offences, or breaches of ethics for regulated professions or the protection of the rights and freedoms of others”.

Potential impact

This case is likely to have interesting repercussions on the use of home CCTV equipment which overlooks neighbours’ properties or touches the public realm. The case also highlights the challenges which may be encountered by individuals attempting rely in court on evidence obtained through such recordings.  In the UK, the Information Commissioner’s Office has updated its Code of Practice for CCTV and Surveillance and highlight that cameras monitoring areas beyond the interior or exterior limits of a person’s home may be subject to the Data Protection Act.  They have also offered some guidance to individuals in this regard[viii]

Looking more widely, by taking a restrictive view of the domestic use exemption, the ECJ has potentially caused alarm for bloggers, volunteers, and other ‘amateur’ users of personal information.

For more information contact Nicola Fulford or Tom Sutherland.

 


[i] František Ryneš v Úřad pro ochranu osobních údajů

[ii] Mr Rynes had infringed Czech Law No. 101/2000

[iii] Indent Two , Article 3(2) Data Protection Directive (95/46/EC)

[iv] Article 3(1) Data Protection Directive (95/46/EC)

[v] Article 7(f) Data Protection Directive (95/46/EC)

[vi] Article 11(2) Data Protection Directive (95/46/EC)

[vii] Article 13(1)(d) & (g) Data Protection Directive (95/46/EC)