Liech­ten­stein Data Pro­tec­tion Aut­ho­ri­ty: Infor­ma­ti­on on Video Surveillance

The Liech­ten­stein data pro­tec­tion aut­ho­ri­ty has Notes on video sur­veil­lan­ce accor­ding to the DSGVO and the new DSG-LI published. The expl­ana­ti­ons on the admis­si­bi­li­ty based on a legi­ti­ma­te inte­rest are inte­re­st­ing (alt­hough other legal bases are also explai­ned). The data pro­tec­tion aut­ho­ri­ty sees a legi­ti­ma­te inte­rest as follows:

A legi­ti­ma­te inte­rest can be of an eco­no­mic, legal or ide­al natu­re. For exam­p­le, video sur­veil­lan­ce can pro­tect against burgla­ries, thefts or van­da­lism. Whe­ther the­se pur­po­ses are actual­ly per­mis­si­ble must always be asses­sed on the basis of the risk situa­ti­on in the indi­vi­du­al case. The legi­ti­ma­te inte­rest exists when it can be pro­ven that the­re is an actu­al dan­ger. The lat­ter is espe­ci­al­ly true if the­re have been in the past dama­ge or theft has alre­a­dy occur­red is. Docu­men­ta­ti­on of the­se inci­dents is recommended.

In addi­ti­on, in cer­tain situa­tions, an abstract risk situa­ti­on may also be suf­fi­ci­ent if, accor­ding to life expe­ri­ence, the cir­cum­stances are typi­cal­ly such a hazard have, such as in stores that sell valuable goods (e.g., jewe­lers) or that are poten­ti­al­ly par­ti­cu­lar­ly vul­nerable with regard to asset and pro­per­ty cri­mes (e.g., banks).

Is fore­seeablethat future burgla­ries or theft dama­ge can­not be pre­ven­ted by other means, video sur­veil­lan­ce is to be clas­si­fi­ed as a per­mis­si­ble means.

Howe­ver, the data pro­tec­tion aut­ho­ri­ty makes this sub­ject to the over­ri­ding inte­rests of the data sub­jects, for exam­p­le if

[…] the video sur­veil­lan­ce into the Pri­va­cy of peo­p­le, for exam­p­le by moni­to­ring toi­lets, sau­nas, show­ers or chan­ging rooms. Fur­ther­mo­re, the inte­rests wort­hy of pro­tec­tion also pre­vail in tho­se cases whe­re the Deve­lo­p­ment of the per­so­na­li­ty is in the fore­ground, such as whe­re peo­p­le come tog­e­ther, eat, drink or relax.

Also clas­si­fi­ed as inad­mis­si­ble is a per­ma­nent moni­to­ringwhich is a gre­at bene­fit for tho­se affec­ted. unavo­ida­ble for exam­p­le at the workplace.

This is con­vin­cing in prin­ci­ple. It should be added, howe­ver, that the balan­cing of inte­rests must be more or less sche­ma­tic, but in and of its­elf takes into account all cir­cum­stances, in par­ti­cu­lar also the “safe­guards” that the GDPR often men­ti­ons, i.e. all mea­su­res to pro­tect the data sub­ject, which include spe­cial trans­pa­ren­cy mea­su­res (if appli­ca­ble. bey­ond Art. 12 and 13 GDPR), but also a data pro­tec­tion impact assess­ment, which can also be car­ri­ed out vol­un­t­a­ri­ly (unless it is requi­red under Art. 35(3)(c) GDPR or a black­list) and would also have to be taken into account in the balan­cing of interests.

In addi­ti­on, the moni­to­ring must be trans­pa­rent, which would requi­re a sign in the case of video sur­veil­lan­ce. To this end, the data pro­tec­tion aut­ho­ri­ty pro­po­ses fol­lo­wing pat­terns (which are some­what more con­cise than the pat­terns of the Sta­te Com­mis­sio­ner for Data Pro­tec­tion Lower Sax­o­ny):