Resource Library

Security Cameras and Managing Their Data

Date: July 2019

Security camera attached to the outside of a building's brick wall
Recordings from security cameras on member premises are likely subject to a number of laws governing data access and retention, and the public’s privacy.

Before installing security cameras (or surveillance cameras) cameras for purposes other than law enforcement or workplace activities*, members must weigh a number of issues that go beyond the system’s technical capabilities and cost.

Uses of Security Camera Footage

Often security cameras are installed for one purpose and end up providing data for another. The purpose of recordings is important in determining its potential data classification.

Government data is all data collected, created, received, maintained or disseminated by any government entity regardless of its physical form, storage media or conditions of use. The courts have issued two opinions relating to security camera recordings, particularly in regards to their purposes.

In KSTP v. Metro Transit**, a request was made for certain recordings of two incidents involving Met Transit buses. The Met Council declined to produce any data, indicating it was private personnel data. The Minnesota Court of Appeals looked at the use of the recordings and found the video recordings were created for a variety of service- and safety-related functions, not merely for watching the driver. The court deemed the recordings public data.

The Minnesota Supreme Court reversed the Court of Appeals and remanded to the administrative law judge to make findings of fact about when the request was made. In the case of the Metro Transit buses, video recordings are retained for 330 hours and then recorded over. The data on the recordings can be copied to a DVD if the data is required for another use, such as a personnel issue.

The Minnesota Supreme Court said if the data were still in video form when requested by KSTP, it would be public, affirming the Court of Appeals. If the data had been copied to DVD for personnel reasons, then it becomes a question of whether it is public personnel data or private personnel data. The information about the physical form of the data at the time of the request was not in the record.

The second case, Burks v. Metropolitan Council***, involved a blind man (Burks) who was a regular user of metro buses. One particular day, the driver would not let him on the bus. Burks requested the video recording, and the Met Council declined, arguing that the recording was private personnel data. The district and appeals courts determined the data should be classified as public.

The Minnesota Supreme Court affirmed the finding that the data should be released to Burks. However, the court relied on the premise that Burks was the subject of the data, so he was entitled to access of the data regardless of its classification as private or public.  The Supreme Court did not decide if the video recording was personnel data.

In both cases, the Met Council argued that the recordings were maintained because the driver is or was an employee of a public entity. The court considered the multiple uses for the data in making its decisions in the two cases.

Retention of Recordings

Along with the decision of the uses for security camera recordings, the public entity must determine how long to retain the recordings and where they will be stored.  Storage issues relate to security of and access to recordings.

The Official Records Act (Minn. Stat. § 15.17) and the Records Management Act (Minn. Stat. § 138.17) basically require that public entities and officials keep an accurate record of the business they conduct and manage the records so they can be reviewed by the public when a request is made.

Public officers must make and preserve all records necessary to a full and accurate knowledge of their official activities.

It is advisable to understand the purpose of security camera recordings when deciding how long they should be retained.

Protect Public’s Privacy

Minnesota Statutes, Section 609.746 makes it a crime to install surreptitiously or use a device for observing, photographing, recording, amplifying or broadcasting sounds or events in a place where a reasonable person would have an expectation of privacy, such as a restroom, locker room or other changing area.

To violate this law, there must be an intent to intrude upon the privacy of another. Good risk management dictates that the public entity not place security cameras in areas where people expect privacy and to keep a record of where cameras are placed and who maintains them.

In addition, a citizen could bring a lawsuit against a member alleging an invasion of privacy if a citizen is caught on a video recording and feels his or her privacy has been violated (established by the Minnesota Supreme Court in Lake v. Wal-Mart Stores Inc.). This exposure could grow as public entities increase their use of drones equipped with cameras that record data as they fly over various properties.

Because there is potential for lawsuits alleging invasion of privacy, posting signs close to areas under surveillance by security cameras may provide a defense for the public entity.

Data Classification Considerations

Because the recordings from security cameras may be official records, the member’s responsible authority must determine the classification of the data on the recordings. If there is a mix of private data with public data, it may need to be separated. This could be time consuming.

The Minnesota Court of Appeals has stated that the entity may withhold the entire document only when the public and nonpublic data are so inextricably intertwined that segregation of material would impose significant financial burden and leave the remaining part of the document with little informational value (Northwest Publications v. Bloomington, 499 N.W.2d 509 (Minn. App. 1993)).

The Department of Administration Advisory Opinion 03-010 applies this standard to video recordings as well.

In 2001 the Minnesota Department of Administration issued an advisory opinion that recordings from a video camera in the city’s municipal liquor store were government data, even though the cameras were owned and maintained by a security service firm.

The commissioner determined that the data was created at the direction of the city and the city was always in possession of the data (recordings were kept at the liquor store); therefore, the videos were government data.

The commissioner also reviewed the question of whether the recordings could be classified as not public pursuant to Minnesota Statutes, Section13.861 as “security service data.” Minnesota Statutes, Section13.861, subdivision 1(b) defines security service data as “all data collected, created or maintained by a security service for the purpose of providing security services.”

After pointing out that the city directed the recordings be made and that it retained the recordings in its possession, the commissioner rejected the classification as security service data (Department of Administration Opinion 01-090).

Manage  Risks of Security Camera Data

To minimize liability, a public entity should consider the following:

  • Ensure security cameras are not in areas where individuals may have a reasonable expectation of privacy.
  • Create protocols or procedures regarding the general use of security cameras and the maintenance of any recordings (e.g., the time frame that recordings will be kept before recorded over or erased, if not subject to the records retention plan).
  • Post signs that security cameras are used on the premises and/or ensure that cameras are visible and noticeable. Signs serve to inform the public that they should not have an expectation of privacy in the area.
  • Talk to the county attorney or other legal counsel regarding potential legal implications of security cameras and their recordings.

*Law enforcement and workplace activities involve a number of legal requirements for surveillance/security cameras not covered in this article.
**KSTP v. Metro Transit, 868 N.W.2d 920 (Minn. App. 2015), rev. and rem.,_N.W.2d_, No. A14-1957, slip op. (Minn. Aug. 24, 2016).
***Burks v. Metropolitan Council, _N.W.2d_, No. A14-1651, slip op (Minn.Aug. 24, 2016).

Be Aware of Laws Related to Audio Recordings

Recording or interception of conversations has the potential of creating liability for a public entity. Generally speaking, Minnesota law prohibits the secret recording of a conversation unless the recording party is a participant in the conversation or one of the parties to the conversation has given prior consent to the recording, so long as there is no criminal or tortious intent to the recording (Minn. Stat. § 626A.02).

A person violating this law could be subject to criminal penalties, including a fine of not more than $20,000, imprisonment of not more than five years or both. A similar federal law exists. (See Electronic Communications Privacy Act, 18 U.S.C. § 2510-2522 (The Wiretap Act)).

Additionally, because the recording/interception is being done by a government entity, the public entity may want to consider how the Fourth Amendment (impermissible search and seizure) would apply to a situation.

Originally published September 2016, MCIT Bulletin as “Security Cameras: Are You Ready to Manage Their Data?”

The information contained in this document is intended for general information purposes only and does not constitute legal or coverage advice on any specific matter.