Home Interesting reads 6 Ways Businesses can make their Dash Cams Data Protection Compliant

6 Ways Businesses can make their Dash Cams Data Protection Compliant

photo of classified files

Dash cams have been on the rise for years, both for the everyday driver’s personal protection and for fleet managers who want to protect both their staff and business in the event of a fraudulent accident claim.

In fact, since March 2021, anyone who sends trucks to London now needs to comply with new DVS regulations, and there are new rules around the installation of cameras. Vehicles that did have cameras fitted already needed to upgrade to comply with the regulations, and those with no cameras fitted faced a very expensive transformation to make sure their staff were as protected as possible by various cameras.

The rules around cameras have been introduced with the intent to protect pedestrians and cyclists further. The use of this footage can reduce the price of some HGV fleet insurance policies as they can serve as evidence in court against fraudulent claims.

However, images and video footage of people and their number plates is classed as personal information under the Data Protection UK Act (GDPR no longer applies to us since our exit from the EU). If businesses are found to seriously breach this, they can be fined up to £17.5 million or 4% of annual global turnover, whichever is the larger amount. Here, we’ve rounded up six ways you can make sure you aren’t breaking any rules.

1. Have a clear data protection policy in place

Every business should have a clear data protection policy in place that employees should sign and agree to when they join the company. This should detail the sort of information you hold on staff, where it is stored, how long you keep it for after they leave etc.

You should also be very clear about the camera usage in your vehicles. You should write the same amount of detail as you would for personal employee information, e.g. how long the data is stored, where it is stored, how it is transferred from location to location (e.g. from a HGV to a computer inside the business premises) etc. 

These policies should be easily accessible – in a secure, password-protected shared drive is a good idea – and employees should be able to request the data you have on them at any time (this is called a ‘data protection request’). You may even want to supply driver guides and information stickers for display within your fleet of vehicles.

2. Make use of signage

Many HGVs now make use of signs that dash cam footage is being recorded to alert other drivers. These signs must be clearly visible and readable to other road users, as well as anyone else in the vehicle.

Many dash cams now also record sound, which a fellow passenger may not be aware of. Some of the higher-end cameras even record inside the vehicle too. This could be a serious breach of privacy if others are not aware.

3. Only use the cameras and footage for their intended purpose

Dash cams should be for protecting yourself against legal claims and nothing more. According to Gov.uk’s guidance, you must only use footage for its intended purpose, rather than monitoring your staff. If you are found to be breaching this, you could potentially find yourself in legal trouble.

4. Control who has access to the footage

This is incredibly important to define in your data protection policy. While some everyday drivers may upload YouTube videos of bad drivers on the road, or funny incidents that occurred, it is best to leave that to them. 

If one of your employees does this and is found to be associated with your company, you could end up facing a hefty fine from the courts, especially if licence plates or pedestrian’s faces are clearly visible.

It is also important to note that if you are required to share dash cam footage with the courts or your insurance company, they then become a joint data controller of the footage and therefore need to abide by your data protection policy. Therefore, it is wise to ensure this is easily accessible in such situations, and perhaps even work a paragraph about respective responsibilities into the policy for instances such as these.

Law enforcement authorities, such as the police and the courts, should request the disclosure of recordings. It is advisable to have evidence of this request made in writing, particularly if a crime is being investigated, such as overnight criminal damage to the vehicle.

5. Make sure they are stored securely

Ensure that both the vehicle the dashcam is used in and where the footage is stored is very secure – inside a secure garage and locked premises are the best way to go about this. There must also be a secure method for moving footage (e.g. the micro SD card within the camera) from one location to another. 

6. Report any data breaches within 72 hours

If data is seriously breached, e.g. an unauthorised person has gained access to dashcam footage, you MUST report this to the Information Commissioner’s Office within 72 hours. They have stated that you do not need to report every single breach, just ones where there is a serious ‘risk to people’s rights and freedoms’.