I believe the GDPR covers surveillance cameras. At least, Sweden’s version of the GDPR does cover cameras. It is illegal to film public places without approval from the police. If I want to put up a camera, it needs to only film my property, with no sight lines of public space.
It’s also been illegal to publish aerial photos of the horizon in sweden for a long time, for security reasons. If you publish a photo of the horizon, there is a possibility that there is military base or other secured object in the photo, and you could be in serious trouble. So you need to get approval from the government before publishing the photo.
I think that part of the problem here was that the person who compromised the cameras was able to robotically rotate them to look at something else. So it’s not just what they’re aimed at, but what they can be remotely-aimed at that matters for this.
This ties into the “legitimate purpose” of the previous point: you are not forbidden from publishing photos “of the horizon”, but an “aerial photo that goes up to the horizon” is likely to go way beyond any legitimate purpose, also showing your neighbor’s property, any nearby public roads with people (aka: personal information) on them, along with any possible strategic infrastructure.
The review process is for strategic infrastructures, but in this case it’s a double whammy, where you also need to comply with the GDPR.
As a private person, IMY’s page states this requirement for setting up a surveillance camera.
att kameran inte fångar en plats dit allmänheten har tillträde
But yeah, GDPR isn’t very restrictive unless you’re capturing personal information without a valid reason. Usually the police/myndighet permits are just to make sure that you have a valid reason.
I believe the GDPR covers surveillance cameras. At least, Sweden’s version of the GDPR does cover cameras. It is illegal to film public places without approval from the police. If I want to put up a camera, it needs to only film my property, with no sight lines of public space.
https://www.imy.se/privatperson/kamerabevakning/fragor-och-svar---privatpersoners-kamerabevakning/
It’s also been illegal to publish aerial photos of the horizon in sweden for a long time, for security reasons. If you publish a photo of the horizon, there is a possibility that there is military base or other secured object in the photo, and you could be in serious trouble. So you need to get approval from the government before publishing the photo.
https://www.lantmateriet.se/sv/spridningstillstand/undantag/
I think that part of the problem here was that the person who compromised the cameras was able to robotically rotate them to look at something else. So it’s not just what they’re aimed at, but what they can be remotely-aimed at that matters for this.
That is not correct, you just need to follow the GDPR guidelines regarding data handling and legitimate purpose:
https://www.imy.se/privatperson/kamerabevakning/att-vara-personuppgiftsansvarig/
This ties into the “legitimate purpose” of the previous point: you are not forbidden from publishing photos “of the horizon”, but an “aerial photo that goes up to the horizon” is likely to go way beyond any legitimate purpose, also showing your neighbor’s property, any nearby public roads with people (aka: personal information) on them, along with any possible strategic infrastructure.
The review process is for strategic infrastructures, but in this case it’s a double whammy, where you also need to comply with the GDPR.
As a private person, IMY’s page states this requirement for setting up a surveillance camera.
But yeah, GDPR isn’t very restrictive unless you’re capturing personal information without a valid reason. Usually the police/myndighet permits are just to make sure that you have a valid reason.