The Office of the Privacy Commissioner for Personal Data ("PCPD") published today a report on an inspection of the Closed-Circuit Television System ("CCTV system") used by the MTR Corporation ("MTRC") in train stations and compartments. The report concludes that the system complies with the requirements of the Personal Data (Privacy) Ordinance (the Ordinance), but improvements are needed on the content and/or location of the CCTV notices as well as enforcement of MTRC's policy on the handling and erasure of the CCTV records and footages.
The inspection was carried out pursuant to section 36 of the Ordinance between June 2012 and February 2013. It involved on-site inspection of the personal data system with respect of the CCTV operation at nine interchange or busy train stations with high traffic volume along the 11 rail lines and two train depots, review of relevant manuals/guidelines and interviews with key staff members involved in the operation of the CCTV system.
Background
The report states that the MTRC has installed and used 3,342 CCTVs in the public areas of station premises and 429 CCTVs in train compartments. Out of a total of 347 trains, 78 trains have been installed with CCTV. This means on average for every 10 compartments, there are two CCTVs in operation, covering in excess of one million passengers every weekday.
Images are captured round the clock at various public locations including lifts, escalators, staircases, entrances/exits, platforms and gate areas at MTR heavy rail stations, and a number of stations and junctions along Light Rail rail liness.
Deputy Privacy Commissioner, Ms. Lavinia Chang explained at today's press briefing, “The MTRC is the largest public transport service provider carrying nearly 5 million passengers every weekday. The CCTV system has extensive coverage, affecting a great number of data subjects. In 2008, following media report that the MTRC intended to install CCTV in train compartments for security purposes and provision of assistance to passengers, the PCPD had written to the MTRC urging it to strictly comply with the Ordinance to safeguard the personal data privacy of the public in installing and using the CCTVs. In 2010, the PCPD published a Guidance Note on CCTV Surveillance Practices for corporate data users. This inspection serves as a follow-up check on the MTRC's compliance with the Ordinance.”
Inspection Findings
According to the inspection findings, the MTRC has statutory obligations under the Railways Ordinance, Railways Regulations and bylaws to monitor pre-incidents and investigate post-incidents and to ensure safety of its service. The installation and use of the CCTV system for the purpose of performing such obligations were therefore justified. All of MTRC's CCTV cameras inspected by the Commissioner's officers were also overtly installed and visible.
However, some areas were found wanting:
- The MTRC had not conducted a Privacy Impact Assessment ("PIA") for the CCTV system. A PIA would have clearly identified the relevant data flow and associated privacy risks, and measures could have been taken to minimise or remove such risks. Importantly, it would have provided a credible source of information to allay any privacy concerns of the public and other stakeholders.
- The “CCTV in operation” notices at the entrances to the station premises inspected were not conspicuous and prominent, and non-standard notices were used at the drop off points at Tuen Mun Station and Central Station. All of the notices inspected did not contain sufficient information and did not include details of the officer to whom issues relating to personal data privacy may be addressed.
- On the handling of the MTRC's CCTV footages, retention periods vary for various lines and between the analogue and digital systems. Certain CCTV records were kept longer than the retention period prescribed by the MTRC.
- The login account and password for access to and storage of footages in the Digital Video Recording System were shared among staff members of the Operations Safety Section. This arrangement is not conducive to user accountability and data security.
- USB thumb drives with no encryption facility were found to be used for copying, storage and transfer of personal data captured by the CCTV system.
Recommendations
The PCPD has made a number of recommendations to the MTRC, including the following:
1. All data privacy policies, procedures, instructions and guidelines should be consolidated and streamlined to promote compliance and user-friendliness;
2. The visibility and content of the CCTV notices should be improved;
3. Username and password access to computer recording and storage of CCTV footage should not be shared to ensure accountability and data security; and
4. The policy and procedures on the use of portable storage devices should be enforced to eliminate non-compliance.
The PCPD has issued the Report to the MTRC. The Inspection Report can be viewed at: http://www.pcpd.org.hk/english/resources_centre/publications/files/R13_2768_e.pdf
- End -