Virgin Trains might be in trouble for releasing CCTV footage of one its trains to claim Jeremy Corbyn was wrong to say it was “rampacked”.
The release of the footage triggerd #Traingate, the most bizarre scandal scandal yet to hit Corbyn, and his supporters and detractors argued over whether the footage proved there were seats available, contrary to claims Corbyn made in a video he recorded while sitting on the floor, saying the overcrowding showed the need for the railways to be re-nationalised.
Here is Virgin’s version of events:
The episode triggered an online spat over whether Corbyn had been right to say there were no seats.
Amid the arguing on Twitter, The Information Commissioner’s Office has tweeted it is “aware of the issue and making enquiries” after people repeatedly tweeted it asking what it could do.
By coincidence, the ICO had issued guidance on ensuring CCTV is compatible with the Data Protection Act (DPA) earlier this week, which reminded organisations that images of people was covered by the DPA.
The tweet Sir Richard Branson sent included an image where other people’s faces were clearly visible.
Some of the people tweeting about traingate raised the possibility of Virgin Trains facing action for breaching the DPA but on tweeter said the ICO’s resources were limited and the potential DPA breach was not “severe”.
Corbyn’s likeness is clear in the CCTV, though the faces of other passengers have been pixellated.
The ICO has the power to fine organisations that breach the data protection laws.
Last week, it fined Hampshire County Council £100,000 for leaving the personal details of 100 people were found in a disused building.
Scott said this included the CCTV on the trains.
The Information Commissioner’s Office, which regulates the DPA, said it was “aware of the issue” when contacted with complaints about Virgin’s CCTV release, and confirmed to The Huffington Post UK it was “making enquiries”.
“We are aware of the publication of CCTV images of Jeremy Corbyn and are making enquiries,” an ICO spokesperson said.
“All organisations have an obligation to comply with the Data Protection Act and must have legitimate grounds for processing the personal data they hold.
“Where there’s a suggestion that this hasn’t happened, the ICO has the power to investigate and can take enforcement action if necessary.”