Private cameras and GDPR
Originally published: newspaper “Ta Nea” – Letters (in Greek)
Date: 6/06/2019
Aimilios Koronaios
Attorney at Law
LL.M. (Aberdeen), LL.M. (Athens)
Mr. Director,
On May 25, 2019, one year passed since the implementation of the General Data Protection Regulation, also known as the GDPR. The launch of its implementation raised great expectations for the significant strengthening of personal data protection inside and outside the European Union. This is because it is a legislative text that deifies the rights of personal data subjects, threatening to impose high fines in case of violations.
Unfortunately, the report of the first year of implementation of the GDPR in Athens regarding the operation of video surveillance systems in private areas remains in view of the outcome extremely disappointing. A brief tour of its neighborhoods allows us to easily find that our city is full of such cameras that do not operate legally. The strict conditions set by both the GDPR and the Greek Data Protection Authority regarding the permissibility of their installation and use in many cases are not met, as is obvious to the naked eye.
Indicatively, in order for the operation of cameras installed in private spaces to be legal, it is generally forbidden to take images from side streets and sidewalks, as there is a risk of surveillance of the bystanders. In case this is exceptionally permissible, the display of clear information signs is required. It is also forbidden in any case to take images from the entrance of neighboring areas.
Are the above observed? Unfortunately, no. Instead, cameras are being installed en masse in private spaces, more and more often, without any concern for their installation location and shooting angle. The monitoring of bystanders and entrances of neighboring areas is very extensive. Posting of information signs rarely takes place.
This is an unregulated situation that deeply affects the right to protection of our personal data. The awareness of all of us is imperative, as is the mobilization of the State. Let the next year of implementation of the GDPR not be a wasted time in this field.