CCTV Code of Practice

1. Introduction

This code of practice aims to ensure that the closed circuit television (CCTV) system of the University of Bristol stands up to scrutiny and is accountable to the people it aims to protect.

The University of Bristol is committed to the belief that everyone has the fundamental right to respect for his or her private and family life and their home.

The code of practice for the University of Bristol closed circuit television system, operated by Security Services, is underpinned by the Information Commissioner's CCTV Code of Practice, Security Industry Authority standards and Security’s operational procedures.

2. Definitions

For the purpose of the code of practice the following definitions will apply:

2.1 University

The University of Bristol

2.2 CCTV

Closed Circuit Television System, which includes digital and analogue recordings

2.3 Security

University of Bristol, Security Services Division.

2.4 Data Controller

The University of Bristol

3. Scope

This code of practice applies to all employees and students of the University of Bristol and all employees of contract services. This code does not apply to standalone webcams or cameras that will be used solely for teaching and research and requests to use such cameras should be sent to the Information Governance Manager (after completing a CCTV Impact Assessment Form (Office document, 23kB)).

4. Ownership and operation of the CCTV System

The CCTV system is operated by Security Services whose personnel are employed directly by the University of Bristol. The CCTV system, all recorded material and copyright is owned by the University of Bristol.

5. Principles

The following principles will govern the operation of the CCTV system.

  1. The CCTV system will be operated fairly and lawfully and only for the purposes authorised by the University of Bristol;
  2. The CCTV system will be operated with due regard for privacy of the individual;
  3. Any changes to the purposes for which the CCTV system is operated will require the prior approval of the University Secretary and will be publicised in advance.

6. Purpose of the CCTV system

The system is intended to provide an increased level of security in the University environment for the benefit of those who study, work, live in or visit the campus.

The CCTV system will be used to respond to the following key objectives, which will be subject to annual assessment:

  • To detect, prevent or reduce the incidence of crime
  • To prevent and respond effectively to all forms of harassment and public disorder
  • To improve the operational response of security patrols in and around the areas where CCTV operates
  • To create a safer community
  • To gather evidence by a fair and accountable method
  • To provide emergency services assistance
  • To assist with health & safety
  • To investigate suspected breaches of University regulations.

As community confidence in the system is essential, all cameras will be operational. An appropriate maintenance programme is in place.

6.1 System details

The CCTV system consists of overt cameras situated on University property, which continuously record activities in the area of coverage. The control room is staffed 24-hours a day by qualified and Security Industry Authority (SIA) licensed staff working in shifts. All systems are recording 24 hours a day but not all are monitored around the clock.

7. Data Protection Act 2018

Recorded images of living, identifiable individuals constitute personal data under the Data Protection Act. As such, the principles of the Data Protection Act will be adhered to and any future changes of legislation will be taken into account.

The use of CCTV is listed in the University’s notification with the Information Commissioner’s Office.

8. Covert cameras

Use of covert cameras will only be authorised by the Director of Legal Services in exceptional circumstances where there is reason to suspect criminal activity or a serious breach of University regulations and notification of the monitoring would be likely to prejudice the prevention or detection of that activity. The period and scope of the monitoring will be as narrow as possible to allow investigation of the alleged offence and the monitoring will cease as soon as the investigation is complete. Only information gathered in relation to the alleged offence will be retained. This information will only be viewed by those for whom access is strictly necessary, for example in relation to potential disciplinary proceedings. A CCTV Impact Assessment Form (Office document, 23kB) must be completed and authorised prior to installation. 

9. Access to information

The Freedom of Information Act and the Data Protection Act will be adhered to in relation to requests for access to CCTV footage. Any request for disclosure of information must be made to the Information Governance Manager in the University Secretary’s Office (data-protection@bristol.ac.uk).

Access to the control room and recorded/live footage will be prohibited except for lawful, proper and sufficient reasons (eg. official visits from law enforcement or inspection agencies, security staff, cleaning staff, etc) and only then with the personal authority (verbal or written) of the Head of Security or deputy. Any such visits will be conducted and recorded in accordance with the procedural manual.

All visitors to the control room will be required to sign the visitor’s book and a declaration of confidentiality.

Any other personnel admitted to the control rooms, such as cleaning staff, engineers or IT staff effecting repairs must be authorised by the Head of Security or deputy (verbally or in writing) and must be supervised at all times whilst they are in the control room.

10. Requests to view footage

All requests to view CCTV footage will be dealt with in accordance with the Data Protection Act and Freedom of Information Act:

Requests for information by the Police and other authorities must be accompanied by the relevant data protection form duly signed by the appropriate authority and must also be made through the Information Governance Manager. Disclosures in relation to the prevention or detection of crime and the apprehension or prosecution of offenders may occur without the consent of individuals under Schedule 2 Part 1.2 of the Data Protection Act 2018.

Internal requests to view CCTV, for instance in relation to a disciplinary investigation, should be made to the University Secretary’s Office clearly setting out why the request is being made and how it might assist the investigation.

Footage may be accessed without Secretary’s Office authorisation in emergency situations where it is vital that the footage is made available immediately. A data protection form must still be obtained to document that the access occurred.

11. Public Information

A copy of this code of practice will be made available to anyone on request.

12. Signage

Signs are placed in the locality of the cameras. The signs indicate:

  • The presence of monitoring and recording
  • The purpose of monitoring and recording
  • The ownership of the system
  • Contact telephone number

13. Complaints

Any use of the CCTV system or materials produced which is outside this code and is inconsistent with the objectives of the system will be considered gross misconduct. This includes the unauthorised use of webcams.

Misuse of the system will not be tolerated; continuing public support is vital. Any person found operating outside these codes without good and reasonable course will be dealt with under the University disciplinary procedure. If any breach constitutes an offence under criminal or civil law then court proceedings may be taken.

Any complaint concerning misuse of the system will be treated seriously and investigated by the Head of Security (or deputy) and the Information Governance Manager. The Head of Security (or deputy) and the Information Governance Manager will ensure that every complaint is acknowledged in writing within seven working days which will include advice to the complainant of the inquiry procedure to be undertaken.

Where appropriate the Police will be asked to investigate any matter recorded by the CCTV system which is deemed to be of a criminal nature.

14. Major incidents

In the event of a major incident arising, such as serious public disorder, bomb threats/explosions or serious fires the police will be given authority to supervise the CCTV control room. Such authority will be given by the Head of Security (or deputy) verbally or in writing.

15. Retention

CCTV footage will be retained for a maximum of 30 days, except in cases where a copy has been made in relation to a police investigation. These copies may be held for up to 12 months.

16. Disposal

The disposal of footage will take place in accordance with the University’s Disposal of computer equipment and secure erasure of data guidance.

17. Review

This code of practice will be reviewed annually.

Email: Information Rights Officer Data-protection@bristol.ac.uk