Article Details

Data watchdog put cops on naughty step for lost CCTV footage. Greater Manchester Police reprimanded over hours of video that went AWOL. The UK’s data watchdog has reprimanded Greater Manchester Police (GMP) force for losing CCTV footage the cop shop was later requested to retain. Information Commissioner’s Office (ICO) said the UK’s third largest police force had failed in its obligation to keep the personal data safe after an individual was held in custody for 48 hours in February 2021. During the custody the CCTV system was in operation. Later, GMP’s Professional Standards Directorate sent a request to retain the data for longer than the standard 90-day period. However, in the process of responding to a subject access request — which affords an individual the right to see data about themselves — GMP subsequently found that two hours of the footage was missing. Despite all attempts, it said it as unable to recover the missing two hours of footage, a discovery which led the force to report itself to the ICO for a breach of data protection regulations. Following its subsequent investigation, the ICO ruled that GMP failed to provide the complainant with their personal data, both without undue delay and by the end of the applicable period of one month. The force also failed to ensure the appropriate technical or organizational measures were in place to protect the accidental loss of the CCTV data it was processing, the regulator said. In a statement, Sally Anne Poole, head of investigations at the ICO, said: “CCTV footage, particularly of a person at their most vulnerable, can contain highly sensitive personal data and must be properly protected. It is vital that authorities like police forces have the strictest measures in place to protect personal data to maintain public trust. “It is clear in this case that Greater Manchester Police failed its obligation to keep the complainant’s personal data safe and demonstrated serious shortcomings in how it handles CCTV footage. Data protection is not an afterthought; it is a core responsibility. "In this case, we see the potential consequences when this responsibility is not properly adhered to,” she said. Since the incident, GMP said it had invested in surveillance and security system infrastructure to improve its capabilities. The force said it had also strengthened internal oversight and governance and introduced a more strictly regulated process. The reprimand might raise concerns as UK police forces enter a new era of data collection. In March, the Metropolitan Police installed the UK's first permanent facial recognition cameras. Last year, the government launched a £20 million ($25 million) competition for tech companies to provide live facial recognition to a number of police forces.