Skip to main content
Sign up to updates
FIND A LAWYER
ARTICLE

Shared spaces and privacy intrusion: what you need to know

In the shared space sector, be it property guardianship, co-living or co-working, greater surveillance and real-time information sharing is likely to become the “new normal” as we learn to co-exist with Covid-19. This is the price of doing business in the shared space sector.

The UK Government’s recent U-turn to belatedly join forces with Google and Apple to create a UK contact tracing app is not the only Whitehall tech initiative aimed at easing lockdown restrictions while maintaining public safety. We also understand progress is being made with another app targeted specifically at the real estate sector.

The app will essentially function as a daily “building health index”, which will provide users (like residents or employees) information like air quality; number of building occupants compared to restricted maximum occupancy; busy areas of the building and reports of how well social distancing is being observed. If the building, or a particular section of the building, shows a low health rating, then users can take evasive action accordingly.

This is in addition to implementing other risk-mitigating technology, such as contactless sensors instead of buttons and switches (for example, for lights, lifts and plugs) and temperature check / fever screening cameras.

Clearly, much of the technology being used depends on the collecting and use of information. A significant amount of that information will be personal data. It is not possible to implement these measures effectively and sustainably without considering the impact of the GDPR and other data privacy law (which still applies as normal, as confirmed by both the Government and the ICO).

If you operate in the shared space sector, these issues are likely to affect your business. There are a number of key requirements to consider:

  • Transparency: your privacy notices should be updated to explain your measures and their impact on individuals’ privacy;
  • Documentary compliance: at least one documentary privacy-specific risk assessment is required;
  • Software/hardware providers: will likely be considered processors under the GDPR, meaning strict contractual terms are required;
  • Surveillance technology: the ICO has specific rules about the use of CCTV and similar technology; and
  • Information management and sharing: organisational protocols should be put in place to ensure that only the minimum amount of personal data is used and that it is only shared and accessed on a strict “need to know” basis.

We have data privacy specialists available to advise on these tricky issues, contact Priya Thapar on +44 (0)20 3691 2063 or email pthapar@greenwoodsgrm.co.uk

Greenwoods Legal LLP is a Limited Liability Partnership, registered in England, registered number OC306912. Our registered office is Queens House, 55-56 Lincoln’s Inn Fields, London, WC2A 3LJ. A list of the members’ names is available for inspection at our offices in Peterborough, Cambridge and London. Authorised and regulated by the Solicitors Regulation Authority, SRA number 401162. Details of the Solicitors’ Codes of Conduct can be found at www.sra.org.uk. All instructions accepted by Greenwoods Legal LLP are subject to our current Terms of Business. VAT Reg No: 161 9287 89.




    By completing and submitting this form, you consent to Greenwoods Legal LLP processing your personal data to provide you with the email update services you have selected and any other materials and information about our services that Greenwoods Legal LLP reasonably believes will be of interest to you. You are free to withdraw your consent at any time by emailing mailinglists@greenwoods.co.uk