Privacy & Cybersecurity Law Blog

On December 11, 2014, in response to a request for a preliminary ruling from the Supreme Administrative Court of the Czech Republic, the Court of Justice of the European Union (“CJEU”) ruled that the use of CCTV in the EU should be strictly limited, and that the exemption for “personal or household activity” does not permit the use of a home CCTV camera that also films any public space.The facts relate to a Czech national named František Ryneš. In 2007, following a series of attacks against his property and damage to his windows, Ryneš installed a CCTV system that recorded the entrance to his home, the public footpath and the entrance to the house opposite. The system recorded video (but not audio) on a continuous loop. Only Ryneš had direct access to the system and the footage it recorded. The Czech court accepted that his only reason for installing the system was “to protect the property, health and life of his family and himself.”

The system recorded footage of a subsequent attack on his property in which a window was broken by a shot from a catapult. Two suspects were identifiable from the footage, and the footage was provided to the police. One of the suspects argued that the CCTV system was unlawful. The Czech Data Protection Authority agreed, on the basis that:

• Ryneš had filmed people on the street or entering the house opposite without their consent;
• He had not provided sufficient notice of the CCTV system to those persons; and
• As a data controller, he had failed to register with the Czech Data Protection Authority.

Ryneš appealed the decision. The CJEU was asked by the Czech court to clarify whether the use of CCTV for the purposes of protecting a private home fell within the “household” exemption in Article 3(2) of EU Data Protection Directive 95/46/EC. Pointing to its earlier decision in Costeja, the CJEU noted that EU data protection law is designed to ensure a high level of protection of the fundamental right of individuals to privacy. It concluded that Ryneš’ system did not fall within the “household” exemption because it filmed a public space, and the exemption is limited to “purely” personal or household activities.

The decision has significant implications for the use of CCTV in the EU. In particular, it is likely to require data protection authorities to revise their guidance on the use of CCTV. It also is possible that the use of CCTV evidence captured in public spaces will increasingly be challenged by defendants in criminal cases, on the basis that the evidence may not have been lawfully obtained.