UK schools, CCTV and the Data Protection Act 1998

Abstract

The use of CCTV in schools is now commonplace in the UK. It is estimated that 85% of all UK secondary schools currently have CCTV systems in operation. The introduction of the Data Protection Act 1998 (DPA) (enacted in March 2000) meant that for the first time CCTV had direct legislation governing its use in the UK. This paper attempts to apply the decree to the widespread introduction of CCTV technology in schools and argues that the various elements of statute are impractical or inappropriate to educational institutions. The ill‐defined and vague legislation presented in the DPA 1998 provides very little protection to the data subjects in schools (mainly pupils and teachers). In addition, the ubiquity of CCTV in schools in the UK far surpasses the enforcement capabilities and resources of the Information Commissioner’s Office and as such any contravention of the scant provisions of the Act is likely to go unidentified and under‐enforced. In consideration of the DPA, the paper elucidates numerous examples to suggest that a large number of schools are in contravention of the law. The paper outlines the need for bespoke policy to govern and regulate the use of CCTV in schools. Whilst the paper focuses on the case of the UK, it speaks to an international audience in concluding that the use of CCTV and surveillance technologies in schools requires greater scrutiny and regulation.