UK Video Telematics Compliance: What the Data (Use and Access) Act 2025 Means for Fleet Management in 2026

Blog
March 6, 2026 Blog
20 Minute read
06Mar
EasyNet Technologies blog header image — HGV driver with dashcam, illustrating UK video telematics and fleet camera compliance guidance for 2026.

Introduction

UK fleet operators are being pulled in two directions at once. On one hand, physical safety regulations are mandating more camera hardware on vehicles than ever before — London’s Direct Vision Standard, new mirror-replacing camera rules, and accreditation schemes like FORS are all pushing cameras further into everyday fleet operations. On the other, the legal framework governing how businesses handle the data those cameras collect has just undergone its most significant change since Brexit.

The Data (Use and Access) Act 2025 came into law in June 2025, and its core data protection provisions took effect on 5 February 2026. The Information Commissioner’s Office (ICO) has placed every one of its vehicle surveillance guidance pages under formal review as a direct result. Fleet managers who installed their camera systems under the previous rules and assumed nothing had changed may be operating on outdated assumptions.

This article explains what the law required before 2025, how the regulatory landscape has shifted, and what fleet operators need to do in 2026. Whether you run a handful of vans or a large mixed fleet, the steps are the same — and they are manageable if you approach them methodically.

Structure:

  1. Introduction
  2. How Video Telematics Became Standard in UK Fleets
  3. The Legal Framework That Governed Fleet Cameras (2018–2024)
  4. The Physical Safety Regulations Now Mandating More Cameras
  5. What the Data (Use and Access) Act 2025 Actually Changed
  6. The Driver Acceptance Problem
  7. Compliance Guide: Eight Steps for Fleet Operators in 2026
  8. Conclusion: What This Means for Fleet Camera Hardware Decisions

How Video Telematics Became Standard in UK Fleets

In-vehicle cameras were once a novelty. Today they are close to a baseline expectation for any professionally run UK fleet. The shift happened gradually, driven by a combination of commercial pressure, safety culture, and regulatory requirements that built on each other over the course of a decade.

Insurance and Fraud Prevention

The most immediate driver was insurance. UK fleets became early adopters of forward-facing dashcams as a defence against “crash for cash” fraud — staged collisions designed to generate insurance claims. Insurers responded by offering premium reductions for fleets with camera evidence, and the logic became circular: fleets without cameras were increasingly at a disadvantage when disputing claims without footage to support their version of events.
Over time, the type of camera evidence that insurers valued expanded. Forward-facing cameras gave way to multi-camera systems covering the nearside, rear, and eventually the driver-facing view, as insurers recognised that comprehensive footage reduced claim costs across a wider range of incident types.

FORS and the Accreditation Effect

The Fleet Operator Recognition Scheme (FORS) accelerated adoption significantly. As FORS Bronze, Silver, and Gold accreditation became standard requirements for operators working on publicly funded contracts, construction projects, and Transport for London-regulated operations, the camera specifications embedded in the FORS Standard effectively became industry requirements. FORS Bronze requires Class V and VI mirrors or equivalent camera monitoring systems. Silver mandates nearside blind-spot cameras and rear-view cameras for vehicles over 7.5 tonnes. Gold goes further, requiring nearside blind-spot camera systems on all HGVs with simultaneous DVR recording as best practice.

For operators who needed FORS accreditation to win contracts, compliance was not optional — which meant camera hardware investment was not optional either.

FORS accreditation made cameras non-optional

For any UK operator working on publicly funded contracts or TfL-regulated operations, FORS compliance effectively mandates camera hardware. If your business needs FORS Bronze, Silver, or Gold to win work, camera investment is not discretionary — it is a contract requirement.

The Direct Vision Standard (Phase 1)

London introduced its Direct Vision Standard (DVS) in 2021, requiring HGVs over 12 tonnes operating within Greater London to hold a safety permit. Vehicles rated zero stars for driver direct vision were required to fit a Safe System — a package of camera, sensor, and warning equipment to compensate for the blind spots created by their cab design. This was the first UK regulation to directly mandate specific camera hardware on commercial vehicles, and it set a template that would be significantly strengthened in 2024.

The Rise of Driver-Facing Cameras and AI

The most significant shift in recent years has been the move from passive recording to active safety management. Driver-facing cameras equipped with AI event detection — able to identify mobile phone use, seatbelt non-compliance, drowsiness, and distraction in real time — transformed in-vehicle cameras from evidence devices into coaching tools.
The British Safety Council has noted the dual role this creates: cameras that drivers initially resist as surveillance instruments become, in practice, their best protection against false claims and unfair blame. Fleet operators who successfully explained this benefit to their drivers reported significantly faster uptake and far lower resistance to the technology.

Cameras work best when drivers understand them

The shift from passive recording to active AI coaching only delivers results when drivers trust how the data is used. Operators who explain the protective value of cameras to their drivers report dramatically faster acceptance and measurably safer outcomes. 

The Legal Framework That Governed Fleet Cameras (2018–2024)

Before 2025, the legal framework for fleet camera use in the UK rested on three interlocking pieces of legislation and guidance, all of which remain the foundation of the current framework even after the changes introduced by the Data (Use and Access) Act.

UK GDPR and the Data Protection Act 2018

Following Brexit, the EU’s General Data Protection Regulation was retained in UK law as the UK GDPR, sitting alongside the Data Protection Act 2018 (DPA 2018). Together, these formed the overarching framework governing how any personal data — including footage of people captured by dashcams and in-vehicle cameras — must be collected, stored, and used.

For fleet operators, the most practically significant requirement was the need to identify a lawful basis for processing. Most businesses relied on “legitimate interests” under Article 6(1)(f) of the UK GDPR, which permits processing where the operator’s interests in using the data outweigh the privacy rights of the individuals being recorded. This required completing a three-part Legitimate Interests Assessment (LIA): defining the purpose, establishing that the processing is necessary to achieve it, and demonstrating that the business interest outweighs the data subjects’ rights and reasonable expectations.

For forward-facing road cameras used to document incidents, the LIA is relatively straightforward. For driver-facing cameras, the assessment is more demanding — the ICO’s position has consistently been that monitoring the inside of a vehicle is more intrusive than monitoring the road ahead, and requires correspondingly stronger justification.

Legitimate interests requires a documented case — not just an assumption

Most fleet operators rely on “legitimate interests” as their lawful basis, but this is not automatic. You must complete a three-part assessment proving your business need outweighs driver privacy rights — and driver-facing cameras set a higher bar than road-facing ones.

The ICO’s Video Surveillance Guidance (March 2022)

The ICO published a comprehensive overhaul of its video surveillance guidance in March 2022, including a specific section on “Surveillance in Vehicles.” This guidance set out the practical compliance requirements that UK fleet operators were expected to meet, and it remained the primary reference document until the current review triggered by the Data (Use and Access) Act 2025.
The key requirements established by the 2022 guidance were as follows:

  • Lawful basis documentation — operators must identify and document a lawful basis for each type of camera processing, with driver-facing cameras requiring stronger justification than road-facing systems.
  • Data Protection Impact Assessment (DPIA) — a formal DPIA is required that addresses the rights and freedoms of both drivers and passengers, explores less intrusive alternatives, and records the decision-making process.
  • Signage and privacy notices — in-vehicle stickers or notices must be displayed on every camera-equipped vehicle, directing occupants to a privacy notice explaining what is recorded, why, how long footage is kept, and how to exercise data rights.
  • Audio off by default — audio recording must be switched off as the default state and activated only with strong specific justification. Continuous audio monitoring is not considered proportionate for most fleet purposes.
  • Cameras off during private use — where vehicles are used for personal journeys, cameras must be deactivated or recordings made inaccessible during non-working hours. Continuous recording of personal journeys is considered excessive.
  • Retention limits — footage should be deleted within approximately seven days where no incident has occurred. Incident-related footage should be kept only as long as necessary for the specific purpose (typically the duration of a claim or investigation).
  • Secure storage — footage must be stored with password protection, accessible only to authorised personnel, with a clear audit trail of who has accessed recordings and why.

The ICO Registration Requirement

One frequently overlooked compliance requirement: any business using dashcams in its vehicles — including sole traders — must register with the ICO as a data controller and pay an annual data protection fee. For most small businesses the fee is £52 per year. Failure to register can result in fines of up to £4,000.

Registration is mandatory — even for a single van

Any business operating dashcams must register with the ICO as a data controller and pay an annual fee (£52 for most small businesses). This applies to sole traders and micro-fleets. Failure to register carries fines of up to £4,000.

The Employment Law Dimension

Data protection law is not the only legal framework that applies to in-vehicle cameras. Employment law runs alongside it and, in practice, often determines whether a camera deployment succeeds or fails.

The Employment Rights Act 1996 protects against unfair dismissal in cases where dashcam footage is used in disciplinary proceedings. Article 8 of the Human Rights Act 1998 protects the right to private life, requiring that any monitoring be proportionate to the purpose. The European Court of Human Rights’ landmark ruling in López Ribalda v Spain (2019) established that even surveillance of employees committing theft could violate Article 8 where the monitoring was not proportionate — a principle that applies with direct force to driver monitoring.

Employment tribunals have consistently found against employers who failed to notify staff about camera installation, used footage beyond its stated purpose, or conducted disciplinary processes without fair procedures. Where drivers are union members, consultation before implementation is not merely good practice — it is essential to avoiding industrial action and tribunal claims.

Employment law can invalidate a technically compliant camera deployment

Even a GDPR-compliant camera rollout can generate tribunal claims if drivers weren’t properly notified, if footage was used beyond its stated purpose, or if union consultation was skipped. Data protection compliance and employment law compliance must be handled together — not separately.

The Physical Safety Regulations Now Mandating More Cameras

While the data protection framework governs how camera footage may be used, a separate and growing body of road safety regulation is actively requiring camera hardware to be fitted to commercial vehicles. These two regulatory threads are running in parallel — and they are pulling in the same direction: more cameras, on more vehicles, generating more data.

Direct Vision Standard Phase 2 (October 2024)

London’s DVS entered its significantly more demanding Phase 2 on 28 October 2024. The minimum star rating for HGVs over 12 tonnes operating in Greater London increased from 1-star to 3-star. Vehicles rated 0, 1, or 2 stars must now comply with a Progressive Safe System (PSS) that mandates three specific technology requirements:

  • A camera monitoring system on the nearside of the vehicle to eliminate the blind spot created by the cab design.
  • A blind spot information system using sensors to provide active warnings to the driver when vulnerable road users are detected in the nearside blind spot.
  • A moving-off information system, detecting pedestrians, cyclists, and other vulnerable road users in the front blind spot when the vehicle is stationary and about to pull away.

Non-compliance carries a Penalty Charge Notice (PCN) of £550 per day, reduced to £275 if paid within 14 days. Transport for London explicitly notes in its DVS guidance that operators bear full GDPR responsibility for all data recorded by cameras installed to meet DVS requirements — compliance with the DVS does not exempt operators from data protection obligations.

DVS compliance creates data protection obligations, not just hardware ones

Fitting cameras to meet the Progressive Safe System requirement does not satisfy your data protection duties. TfL makes this explicit: operators bear full GDPR responsibility for all footage recorded by DVS-mandated cameras. Compliance with one framework does not substitute for the other.

Camera-Monitor Systems as Legal Mirror Replacements (April 2025)

A further significant development came into force on 1 April 2025. The Road Vehicles (Construction and Use) (Amendment) (No. 2) Regulations 2024 (SI 2024/1312) now permit vehicles to use camera-monitor systems as legal alternatives to physical mirrors, provided the systems comply with ECE Regulation 46.04 requirements.

In practical terms, this means that commercial vehicles can now be built or retrofitted with cameras where physical mirrors previously sat, substantially expanding the camera-monitored areas around a vehicle. For fleet operators, this is both an opportunity and a compliance consideration: vehicles equipped with mirror-replacing camera systems are collecting significantly more video data, which falls squarely within the scope of data protection law.

Mirror-replacing cameras substantially expand your data footprint

Vehicles retrofitted with camera-monitor systems in place of physical mirrors are recording significantly more of their surroundings than before. Each additional camera feed is personal data under UK GDPR — expanding your hardware is also expanding your data protection obligations.

FORS Requirements Ratchet Up

As noted in Section 2, FORS Silver and Gold accreditation carry progressively more demanding camera requirements. FORS Silver requires nearside blind-spot cameras and rear-view cameras for vehicles over 7.5 tonnes GVW. FORS Gold specifies nearside blind-spot camera systems on all HGVs regardless of age, with simultaneous DVR recording as best practice.

Significantly, FORS Silver and Gold compliance with appropriate camera hardware can satisfy DVS permit requirements simultaneously — making camera investment a dual-purpose compliance expenditure for operators working in London. However, the data protection obligations that attach to all that footage apply regardless of which regulation prompted the installation.

What the Data (Use and Access) Act 2025 Actually Changed

The Data (Use and Access) Act 2025 (c. 18) received Royal Assent on 19 June 2025. It is the Labour government’s successor to the previous administration’s abandoned Data Protection and Digital Information Bill, and it takes a deliberately evolutionary approach: amending the UK GDPR and the Data Protection Act 2018, not replacing them. Core data protection provisions came into force on 5 February 2026, with remaining provisions expected to follow by mid-2026.

The Act contains no fleet-specific, dashcam-specific, or telematics-specific provisions. Its relevance to fleet operators flows entirely from broader changes to data protection law. Three reforms are of direct practical significance.

Recognised Legitimate Interests — the Most Significant Change

The Act introduces a new, streamlined seventh lawful basis for processing personal data: “recognised legitimate interests” (Article 6(1)(ea) of the UK GDPR, as amended). For a defined list of purposes, controllers can rely on this basis without conducting the full three-part balancing test that legitimate interests under Article 6(1)(f) requires.

The listed purposes include:

  • Detecting, investigating, or preventing crime, or apprehending or prosecuting offenders.
  • Safeguarding individuals at risk.
  • Responding to or managing an emergency situation.
  • Certain national security and public interest purposes.

For fleet operators, the most relevant application is the first: sharing dashcam or telematics footage with the police following an incident no longer requires a full Legitimate Interests Assessment. Necessity must still be demonstrated — operators cannot simply hand footage to any requesting party — but the compliance burden for incident-related data sharing with law enforcement is materially reduced.

The same streamlined basis applies when sharing emergency-response data after a collision. Where a fleet’s telematics system transmits location and speed data to emergency services following an automatic collision alert, that sharing can rely on the emergency situation basis without a full balancing exercise.

Automated Decision-Making — Why This Matters for AI Dashcams

The previous UK GDPR contained a near-prohibition on solely automated decisions that had legal or significant effects on individuals (Article 22). The three narrow exceptions — contract necessity, legal authorisation, and explicit consent — made it legally uncertain whether AI-driven dashcam systems that automatically flagged driver behaviour events and generated coaching interventions or influenced disciplinary decisions were fully compliant.

The Data (Use and Access) Act 2025 replaces this framework with a more permissive model. Solely automated decisions with significant effects on individuals are now generally permitted using any lawful basis — including legitimate interests — provided four specific safeguards are in place:

  1. The individual must be informed that an automated decision has been made and of the right to challenge it.
  2. The individual must be given a meaningful opportunity to make representations.
  3. Human review of the decision must be available upon request.
  4. The individual must be able to contest the decision and have it reconsidered by a human.

For fleet operators using AI dashcam systems, this is a significant practical development. Systems that automatically detect harsh braking, mobile phone use, or distraction and trigger coaching interventions — or that generate driver risk scores used in performance management — can now operate under legitimate interests rather than needing explicit consent. But the four safeguards are non-optional. Fleet operators deploying AI dashcam systems must review their processes to ensure drivers are informed of automated decisions, can contest them, and that human review is genuinely available, not merely theoretical.

Where any biometric data is involved — such as facial recognition used for fatigue detection or driver identity verification — the special category data protections under Article 9 of the UK GDPR still apply in full, with stricter consent or explicit legal basis requirements.

Subject Access Requests — Simplified but Still Real

Fleet operators with large camera archives face a practical challenge when drivers exercise their right of access under UK GDPR: searching weeks or months of multi-camera footage to locate all data relating to a specific individual is resource-intensive. The Data (Use and Access) Act codifies that only a “reasonable and proportionate” search is required when responding to Subject Access Requests (SARs), providing welcome clarity that operators are not obliged to conduct exhaustive searches of entire archives.

The Act also introduces “stop the clock” provisions permitting controllers to pause the one-month response period when identity verification or request clarification is needed. For large fleet operations, this reduces the compliance burden for SAR handling — though clear policies and processes for responding to requests remain essential.

"Reasonable and proportionate" now defines your SAR obligation

The DUAA 2025 codifies that fleet operators are only required to conduct a reasonable search of camera archives when responding to Subject Access Requests — not an exhaustive one. Combined with the new “stop the clock” provision, large fleet operators have materially reduced SAR compliance risk.

What the Act Did NOT Change

Amidst the changes, the core compliance obligations for fleet camera operators are unchanged. The following requirements remain fully in force:
  • The obligation to identify and document a lawful basis for processing.
  • The requirement to complete a Data Protection Impact Assessment before deploying in-vehicle cameras.
  • Retention limits — footage not related to an incident should still be deleted within approximately seven days.
  • Signage requirements — in-vehicle notices and accessible privacy notices remain mandatory.
  • Audio off by default — continuous audio monitoring remains disproportionate for most fleet purposes.
  • Camera deactivation during private use — this requirement is unchanged.
  • Secure storage and access controls for footage.
  • ICO registration and payment of the annual data protection fee.
The maximum penalties for serious GDPR breaches remain unchanged at £17.5 million or 4% of global annual turnover. The DUAA’s alignment of PECR fines with GDPR levels has actually increased penalties for electronic communications breaches, but this primarily affects telecom providers rather than fleet operators.

The Driver Acceptance Problem

For many fleet operators, the most significant compliance risk is not a regulatory fine — it is deploying camera technology in a way that creates employment disputes, union opposition, or tribunal claims. The legal framework and the human reality of camera deployment are two different things, and the latter frequently determines whether a rollout succeeds.

The Trust Gap

A 2025 Geotab survey of over 3,500 professional drivers across Europe found that 87% of UK fleet drivers had concerns about in-cab cameras. The top worries were footage being used out of context (34%), disciplinary action (34%), and data security (32%).

Driver-facing cameras provoke the most resistance — the sense of being continuously watched in an enclosed space is qualitatively different from knowing that a road-facing camera is recording external events.

Fleet News has reported on a persistent “knowledge gap” in driver perceptions of in-cab technology: many drivers reject cameras not because they fundamentally oppose the technology, but because they do not understand how the data will be used, who will see it, under what circumstances, or what rights they have over it. The same survey found that almost all drivers would accept in-vehicle cameras if the footage could prove they were not at fault after a collision.

Driver resistance is usually a communication failure, not a values conflict

The majority of drivers who object to in-cab cameras do so because they don’t know how the footage will be used — not because they fundamentally oppose the technology. Addressing the knowledge gap directly, before rollout, removes the primary source of resistance.

Technology Design as Compliance Strategy

The British Safety Council and fleet industry voices have consistently made the same point: how a camera system is designed and communicated matters as much as what the policy document says. Cameras that are clearly explained, whose footage is accessed only following specific incidents, and which visibly protect drivers from false claims rather than simply monitor performance, achieve higher acceptance rates and generate fewer legal challenges.

Fleet operators that have successfully deployed driver-facing AI cameras report near-100% decreases in recorded mobile phone use incidents and up to 95% reductions in unbelted driving events. These outcomes are only achievable when drivers understand the system and trust that the data will be used fairly. As the British Safety Council noted in its October 2025 analysis of fleet and video telematics: “Fleet and video telematics solutions need to prioritise collaboration and engagement with the driver, making them an essential part of any technology roll-out — not merely its subject. Driver apprehension, where not addressed proactively, can delay or derail even well-funded camera programmes.

Compliance Guide: Eight Steps for Fleet Operators in 2026

The following steps reflect both the existing ICO guidance (which remains the operative baseline while the review is ongoing) and the new provisions of the Data (Use and Access) Act 2025 that took effect in February 2026. Operators who complete these steps will be well-positioned for any updated guidance the ICO publishes following its review.

Step 1 — Justify Every Camera

Document a clear, specific legitimate purpose for each type of camera installed. Road-facing cameras for incident evidence and insurance fraud prevention are well-established purposes with straightforward justification. Driver-facing cameras require a stronger case: their purpose should be driver safety and protection, collision investigation, and compliance verification — not general performance monitoring or surveillance.

If you cannot articulate a specific, proportionate purpose for a particular camera, the ICO’s position is clear: you should not install it. Purpose documentation does not need to be lengthy, but it does need to be genuine and specific.

Step 2 — Complete or Update Your DPIA

A Data Protection Impact Assessment is not a one-off exercise. Any material change to your camera systems — adding driver-facing cameras, upgrading to AI event detection, extending footage retention, or expanding the number of vehicles covered — requires the DPIA to be reviewed and updated.

Following the Data (Use and Access) Act 2025, specifically review whether any processes now qualify for the recognised legitimate interests basis. Incident footage sharing with police and emergency-response data transmission are the most likely candidates. Update your DPIA to reflect the new legal basis where applicable.

Step 3 — Display Clear Signage and Publish a Privacy Notice

Every vehicle equipped with cameras — including those fitted to meet DVS or FORS requirements — must display in-vehicle notices indicating that recording is taking place and directing occupants to a privacy notice. The privacy notice must cover what is recorded, the lawful basis for processing, how long footage is retained, who has access to it, and how individuals can exercise their data rights (including the right to request access to footage of themselves).

Privacy notices should be written in plain English and genuinely accessible — a web address is acceptable provided it is current and functional.

Step 4 — Set and Enforce Retention Limits

Routine footage that is not associated with an incident should be deleted within approximately seven days. Incident-related footage should be retained only for as long as necessary for the specific purpose — typically the length of any insurance claim, police investigation, or disciplinary process.

Manual deletion processes are unreliable at scale. Automated deletion schedules, built into your storage system or dashcam management platform, both reduce the compliance burden and demonstrate to the ICO that you are taking data minimisation seriously. Where a specific retention period for incident footage is uncertain, document the reasoning.

Step 5 — Keep Audio Off by Default

Unless you have a specific, documented justification — such as passenger safety in taxis or coaches, or security requirements for cash-in-transit vehicles — audio recording should be switched off as the default state in all in-vehicle cameras. The ICO’s position has not changed on this point: continuous audio monitoring of drivers and passengers is not considered proportionate for general fleet management purposes.

Where audio is activated for specific justified purposes, this should be documented in your DPIA, communicated clearly to drivers and passengers through signage, and limited to the minimum necessary duration.

Step 6 — Deactivate Cameras During Private Use

Where employees are permitted to use company vehicles for personal journeys, cameras must be deactivated or footage must be made inaccessible during non-working hours. Continuing to record employees during private use is not considered proportionate and is likely to constitute a breach of UK GDPR.

Practical solutions include geofence-based deactivation (cameras automatically switching off outside defined work zones or hours), time-based schedules, or physical deactivation procedures supported by clear driver instructions. The chosen method should be documented in your DPIA and communicated to drivers.

Step 7 — Audit Your AI Dashcam Safeguards

If your video telematics system uses artificial intelligence to detect events, score driver behaviour, generate coaching interventions, or produce any output that is used in performance management or disciplinary decisions, the new safeguards required by the Data (Use and Access) Act 2025 now apply.

Review your current processes against these four requirements:

  1. Drivers must be informed when an automated decision affecting them has been made — for example, when an AI event detection system flags an incident and triggers a coaching notification.
  2. Drivers must have a genuine opportunity to provide their perspective on any flagged event before it affects a performance review or disciplinary outcome.
  3. Human review of AI-generated decisions must be available. A fleet manager or supervisor must be able to look at the footage, consider context, and override or modify the automated assessment.
  4. Drivers must be able to formally contest an AI-generated assessment and have it reconsidered by a human. This is not satisfied by a general grievance procedure — the contestation right must be specific to the automated decision in question.

These safeguards are not onerous in practice, but they must be explicit and operational. Documenting them in your driver handbook and your DPIA is essential.

Step 8 — Register with the ICO and Monitor Guidance Updates

Ensure your ICO registration is current and your annual data protection fee is paid (£52 for most small businesses, rising to £93 or £2,900 for larger organisations). Failure to register is a civil penalty offence with fines up to £4,000.

The ICO has confirmed that its vehicle surveillance guidance is under active review following the Data (Use and Access) Act 2025. Bookmark the ICO’s plans page and check periodically for publication of updated guidance. When new guidance is published, review your DPIA, privacy notices, and internal policies against it promptly.

Conclusion: What This Means for Fleet Camera Hardware Decisions

The regulatory trajectory for UK fleet video telematics is unambiguous: more cameras, on more vehicles, subject to more sophisticated data handling requirements. DVS Phase 2, mirror-replacing camera regulations, FORS accreditation requirements, and the continuing growth of AI dashcam technology are all pushing in the same direction.

The Data (Use and Access) Act 2025 has simplified some compliance pathways — most usefully for incident data sharing and AI-driven coaching systems — while leaving the core obligations firmly in place. The ICO’s ongoing guidance review means the detailed rules may be updated, but the principles that will govern them are already clear: lawful basis, proportionality, transparency, data minimisation, and meaningful driver rights.

For fleet operators making hardware decisions, compliance capability is now a primary specification criterion, not an afterthought. When evaluating video telematics hardware for a UK fleet, consider whether the system supports configurable retention periods and automated deletion schedules; encrypted, access-controlled cloud storage; geofence or time-based camera deactivation for private use; driver notification and contestation workflows for AI event detection; and clear audit trails of who has accessed footage and when.

These are hardware and software features, not just policy decisions. Choosing a camera system that supports compliance by design is substantially more effective — and more cost-efficient — than retrofitting compliance processes around hardware that was not built with UK data protection requirements in mind

Founder of EasyNet Technologies - an IOT provider for Europe and UK - Fiodor Nikulin

Author Fiodor Nikulin

Fiodor Nikulin is the Founder and CEO of EasyNet Technologies, bringing over 17 years of hands-on experience in the international IoT industry. Before founding EasyNet, he held senior leadership positions at Teltonika Networks and Teltonika IoT Group, where he led regional expansion, built international sales and technical teams, and oversaw large-scale IoT hardware deployments across EMEA, CIS, Africa, and Central Asia. Today, he leads EasyNet Technologies as a trusted IoT solutions provider serving industrial and commercial clients across Europe and the United Kingdom.
View Profile
Scroll To Top
Close
Close
Sidebar