The company which operates the CCTV cameras that recorded the damning footage of former Health Secretary Matt Hancock and colleague Gina Coladangelo having a “tongue sandwich” and “breaking social distancing guidelines” has reported the incident to the Information Commissioner’s Office.
EMCOR Group (UK), which provides facilities management and CCTV services for the Department of Health & Social Care (DHSC), has submitted a breach report as a processor of personal data, alleging images were taken from its system without consent from either EMCOR Group (UK) or the DHSC.
Images from the video were published in The Sun newspaper late last month, under the headline: “CHEATING HANCOCK. Matt Hancock’s secret affair with aide Gina Coladangelo is exposed after office snogs while Covid raged on.”
The Sun attributed its report of Hancock’s affair to “a concerned Whitehall whistleblower who thought they deserved a wider audience”.
However, it is a grey area; according to data laws, “those responsible for using personal data must ensure it is used fairly, lawfully and transparently, for specific purposes, in a way that is relevant and limited to what is necessary, kept for no longer than is necessary and handled in a way that ensures appropriate security”.
The Sun could argue that publishing the pictures was in the public interest, but whether that defence will be applicable to whoever allegedly stole the footage is another matter.
In response to the breach report, ICO teams have carried out searches of two residential properties in the South of England, seizing personal computer equipment and electronic devices as part of the operation.
The ICO says its enquiries into alleged breaches of section 170 of the Data Protection Act 2018 continue.
ICO director of investigations Steve Eckersley said: “It’s vital that all people, including employees and visitors to public buildings, have trust and confidence in the protection of their personal data captured by CCTV.
“In these circumstances, the ICO aims to react swiftly and effectively to investigate where there is a risk that other people may have unlawfully obtained personal data. We have an ongoing investigation into criminal matters and will not be commenting further until it is concluded.”