EU data protection authorities adopt guidelines for video surveillance – a subjective feeling of insecurity is not enough to justify video cameras!

von Rainer Aigner

At its meeting on January 29, 2020 in Brussels, the European Data Protection Committee (EDPB) passed the guideline on the GDPR-compliant use of video surveillance by a large majority. The supervisory authorities of the EU member states are once again focusing on the principles of proportionality. Every video surveillance represents a clear encroachment on the personal rights of those affected, which is why the operator of the video surveillance system must always have a “legitimate interest”.

The guidelines consider both worlds here: traditional video surveillance with cameras, as well as “smart video devices”.

This also lays the foundation for uniform signage for monitored areas across Europe. Here, the EDSA follows the guidelines and models already established in Germany by supervisory authorities, the 2-stage signage. Accordingly, private and state agencies are only allowed to install video surveillance in public spaces for clear objective reasons. In the case of video surveillance for security reasons, there must always be actual indications of a risk to life, limb or property, emphasizes the EDSA. A purely subjective discomfort with the feeling of security is not enough to justify such a measure. In any case, video surveillance must always be individually checked, assessed and the results adequately documented, otherwise high fines are threatened! The guidelines also refer to the appropriate storage periods. Here, the practice already common in Germany, “the shorter the better – the longer the more arguments have to be made” has been confirmed. An automated deletion of the records after 1 or 2 days should be mandatory. It must be possible to justify this storage period very well, especially if recording is longer than 72 hours. Appropriate and well-documented technical and organizational measures are also mandatory.

Direct link to the guide:

Are you not sure whether your company implements video surveillance in compliance with GDPR? Call us on 08505 919 27-0 or fill out our contact form. We’re here to help. Source:

Rainer Aigner

„Egal ob Sie einen externen Datenschutzbeauftragten oder Beratung zu Datenschutz oder mehr IT Sicherheit benötigen. Durch meine langjährige Erfahrung als Datenschutzbeauftragter oder Berater im Betrieb hochsicherer Rechenzentren + IT Infrastrukturen mit den erforderlichen Schutzmaßnahmen auch in hochsensiblen Bereichen, stehe ich Ihnen mit meinem KnowHow und meiner umfassenden Erfahrung in Datenschutz und IT Security zur Verfügung. Dabei liegt mir immer Ihre Zufriedenheit am Herzen. Sprechen Sie mich an – gemeinsam finden wir die ideale Lösung.“