BC Privacy Commissioner finds city's use of public surveillance cameras unlawful ... off to court

The Information and PrivacyCommissioner of British Columbia just found that the City of Richmond in the BC lower mainland broke the law when it installed ultra-high-definition cameras in public places that capture faces, licence plates, and other identifiers. The Commissioner recommended that they take down the cameras and delete all the recordings. The City said “nope”, so the Commissioner issued a binding order for them to stop collection, delete recordings, and disband the system.

This is definitely going to court. The City of Richmond issued a statement saying they think it is lawful and appropriate, and are looking to have the legality of all of this determined by the Courts. I think that’s a good thing … the more clarity we have from the superior courts on the interpretation of our privacy laws, the better.

I should note that while these laws are generally consistent from province to province, there is a big variation on how police services are delivered. Not all of the conclusions of this finding will necessarily be applicable in all other provinces or municipalities.

The City of Richmond in British Columbia began field testing its “Public Safety Camera System” – or PSCS – in early 2025 at the intersection of Minoru Boulevard and Granville Avenue.

The City’s stated sole purpose was to collect and disclose video footage to the RCMP to assist in identifying criminal suspects. That point—sole purpose—is central to the Commissioner’s analysis. There was no other rationale for the City of Richmond to put up these cameras in these locations. 

Operationally, the system involved multiple high-resolution cameras capturing:

• licence plate numbers,
• high-definition images of vehicle occupants,
• pedestrians,
• vehicle identifying features, and
• location/time information tied to the intersection.

The cameras recorded continuously, and the City retained footage for 48 hours before deletion.

The field test included capabilities like licence plate recognition, pan-tilt-zoom variants, panoramic/multi-sensor configurations, and other detection features; the City confirmed it did not use facial recognition or built-in audio recording during field testing, though some cameras had those capabilities.

The City’s goal for the field test was essentially procurement-and-design: evaluate camera tech, decide numbers and placement, assess performance in different conditions, and confirm the PSCS could generate “usable” footage for law enforcement use later.

Under BC FIPPA, public bodies can’t collect personal information just because it seems useful. Collection has to fit within a listed authorization—most importantly here, s. 26.

The Commissioner situates that within a broader privacy-protective approach: privacy rights are treated as quasi-constitutional, and public bodies should only compromise privacy where there’s a compelling state interest.

Richmond relied on three possible authorities:

• s. 26(b) (law enforcement),
• s. 26(c) (authorized program/activity + necessity),
• s. 26(e) (planning/evaluating a program/activity).

The Commissioner rejected all three, finding there simply was not legal authority for the collection of personal information – and without legal authority, there’s no lawful collection.

Richmond first said they were authorized under s. 26(b):

26          A public body may collect personal information only if

(b)          the information is collected for the purposes of law enforcement,

Note the use of the word “only”. Unless section 26 permits it, a public body cannot collect personal information.

Richmond’s theory was straightforward: the definition of “law enforcement” includes policing, and the PSCS was meant to support policing by helping identify suspects—so it’s “for law enforcement.” That was their alleged purpose.

The Commissioner accepted there’s a connection: the information might be used by the RCMP in policing. But the Commissioner says that’s not the end of the inquiry, because the collector is the City—and the City must have a law enforcement mandate of its own to rely on s. 26(b).

This is a recurring theme in Canadian privacy oversight: a public body can’t bootstrap a law-enforcement collection power merely because another entity with a law-enforcement mandate might find the data useful.

The City may pay for law enforcement, and it may provide resources to law enforcement but they do not have a lawful law enforcement mandate. 

The report describes three arguments Richmond advanced:

1. RCMP mandate should be imputed to the City (because the City “provides” policing by contracting with the RCMP to do it).
2. The City has a mandate to collect information for the RCMP.
3. The City has its own independent mandate to police through the cameras.

The Commissioner’s response is pretty technical: under the Police Act and the Municipal Police Unit Agreement framework, municipalities fund and resource policing, but policing authority and law enforcement functions remain with the police, operating independently of the municipality.

He underscores that the Police Act sets out specific ways a municipality provides policing—such as establishing a municipal force or contracting with the RCMP—and “running a surveillance camera system for the police to use” is not among those statutory options.

He also points to the RCMP’s peace-officer functions and the Municipal Police Unit Agreement structure as vesting law enforcement responsibilities in the RCMP, not the City, and he reads the legislative set-up as intentionally keeping policing independent from municipal control.

So this argument advanced by the City failed: the City lacked the necessary law-enforcement mandate, so it could not collect under s. 26(b)—even if the police might later use the footage.

Section 26(c) is the classic “public body operational authority” provision: even if a statute doesn’t explicitly say “collect this kind of personal information,” a public body can collect personal information if it is both:

• directly related to an authorized program or activity, and
• necessary for that program or activity.

Richmond framed its program as essentially: an intersection camera program to identify criminal suspects following criminal incidents, pointing to broad service powers under its Community Charter.

But the Commissioner rejected that program characterization as “authorized,” because—again—of the Police Act structure. In the Commissioner’s view, “collecting evidence to identify criminals that the RCMP may rely on” isn’t part of how the City is authorized to provide policing services or resources under the Police Act framework.

So, the analysis fails at the first step: if the underlying “program” isn’t authorized, 26(c) can’t save the collection.

The report goes further and addresses necessity. The Commissioner emphasizes that the City’s record was limited in establishing that: (a) unresolved crime was “real, substantial, and pressing,” (b) existing measures were ineffective, or (c) less intrusive means had been seriously examined.

He characterizes the intrusion into privacy as “vast,” relative to the limited evidentiary foundation offered to justify necessity.

The net effect was that the Commissioner was not satisfied that the City demonstrated that mass capture of high-definition identifying footage from “tens of thousands of people each day” who had nothing to do with any sort of crime was necessary for the purported municipal activity.

Richmond also argued: the field test is just planning and evaluation, and s. 26(e) specifically authorizes collection necessary for planning/evaluating a program.

The Commissioner’s treatment of 26(e) is crisp: 26(e) presupposes that the program being planned or evaluated is otherwise authorized. You can plan or evalue an authorized program, but if the program ain’t authorized, you can’t collect personal information to plan or evaluate it. Richmond itself largely accepted that proposition, and the Commissioner agreed.

Because the Commissioner had already found the PSCS was not authorized under 26(b) or 26(c), Richmond could not rely on 26(e) to do “planning” for an unauthorized program.

It makes sense that you can’t use the planning/evaluation clause as an end-run around the core requirement of lawful authority. Otherwise, everything under the sun could be said to be for planning or evaluation. 

FIPPA generally requires notice of purpose and authority when collecting personal information. Richmond tried to avoid notice by invoking s. 27(3)(a)—the idea that a notice is not required where the information is “about law enforcement.”

The Commissioner gives two responses.

First: the City couldn’t rely on law enforcement as its underlying authorization in the first place—so that alone undermined the attempt to rely on the exception.

Second, and more fact-specific: during the field testing phase, the City had confirmed it was not using the information for actual public safety or enforcement purposes—only to test and evaluate camera technical capabilities.

So even reading “about law enforcement” broadly, the Commissioner questioned whether the testing-phase collection qualified as “about law enforcement,” because it would not be used to enforce any laws, and there was no compelling enforcement purpose weighing against notice.

Richmond did install signs, but the Commissioner describes them as a “courtesy” and finds them legally inadequate.

The sign said “PUBLIC SAFETY CAMERA TESTING / FIELD TESTING IN PROGRESS AT THIS INTERSECTION” with contact information for the City’s Director of Transportation.

The Commissioner’s critique is twofold:

1. First there was a Content deficiency: the signs did not clearly notify people that cameras were recording and collecting personal information, and did not include the purposes and legal authority for collection as required by s. 27(2).
2. And secondly there was a Placement deficiency: signage was vehicle-focused, placed for eastbound and westbound approaches, but did not address entries from other directions and did not notify pedestrians—despite the system’s capacity to capture pedestrians and pan widely, including multi-direction recording.

The Commissioner’s conclusion is direct: the City did not adequately notify individuals when it collected their personal information during field testing.

The report notes that disclosure under s. 33(2) generally depends on lawful collection in the first place, and because the collection lacked authority, the City could not rely on “consistent purpose” disclosure to the RCMP for evaluation.

On security, the Commissioner acknowledges the City described a reasonably robust set of safeguards, and that even where collection is unlawful, the City still has a duty under s. 30 to protect personal information in its custody or control.

But safeguards don’t cure lack of authority. They are necessary, not sufficient.

The OIPC’s recommendations were blunt:

1. stop collecting personal information through the PSCS,
2. delete all recordings, and
3. disband the equipment.

Richmond advised it would not comply, and the Commissioner issued Order F26-01, requiring immediate compliance and written evidence of compliance by a specific date.

My takeaway is that the Commissioner’s reasoning is primarily structural and jurisdictional: the City tried to create a surveillance-for-police capability, but the Commissioner reads BC’s legal framework as drawing a hard line between municipal services and police law-enforcement authority—particularly when the activity is mass surveillance in public space.

If you’re a public body contemplating “pilot projects” with high-capability cameras, the report is a reminder that planning provisions don’t let you pilot an unauthorized program, and that “law enforcement adjacent” doesn’t equal “law enforcement authorized.”

For a public body, every collection of personal information has to be directly authorized by law. It’s worth noting that the “law enforcement” provision in most public sector privacy laws is wide enough to drive a truck through. The RCMP in Richmond could have paid for and put up those cameras all over the place, since they have a law enforcement mandate. 

Criminal courts are pretty adept at dealing with privacy invasions on a case-by-case basis using section 8 of the Charter, but we actually need a better way to to evaluate proportionality, necessity and appropriateness when it comes to proposed police programs that hoover up data on hundreds, thousands or maybe millions of innocent people in the name of “law enforcement”.

It’ll be interesting to see how the courts deal with this.