Google’s wearable specs, Glass, went on sale in the UK earlier this week. And at £1,000 a pop there’s unlikely to be a stampede of buyers. (All five colours of Glass are still listed in stock on the UK Google Play.)

But the arrival of a high profile connected camera attached to a pair of glasses that live on your face — potentially allowing the user to film people in their vicinity without them entirely realizing — has triggered a warning from the national data protection watchdog that Glass users need to be careful to comply with existing data protection legislation.

Writing on the Information Commissioner’s Office blog, ICO senior technology officer Andrew Paterson notes that while personal use of Glass is “unlikely” to be breaching the UK’s Data Protection Act, Glass owners wanting to use content they have captured via the device for “other purposes” risk being in breach of the act.

Paterson writes:

If you are using a wearable technology for your own use then you are unlikely to be breaching the Act. This is because the Act includes an exemption for the collection of personal information for domestic purposes. But if you were to one day decide that you’d like to start using this information for other purposes outside of your personal use, for example to support a local campaign or to start a business, then this exemption would no longer apply.

Meanwhile any organizations seeking to use Glass to process personal data will “almost always be covered by the Act”, he notes.

This means that [organizations] must process the information collected by these devices in compliance with the legislation. This includes making sure that people are being informed about how their details are being collected and used, only collecting information that is relevant, adequate and not excessive and ensuring that any information that needs to be collected is kept securely and deleted once it is no longer required.

The ICO is also keen that organizations using Glass — or indeed other wearables containing cameras — should take note of its CCTV Code of Conduct, which sets out best practice guidelines for conducting video surveillance of others.

For its part, Google has previously described Glass as a “fairly lousy surveillance device”, telling the Huffington Post UK recently: “We designed Glass with privacy in mind. The fact that Glass is worn above the eyes and the screen lights up whenever it’s activated clearly signals it’s in use and makes it a fairly lousy surveillance device.”

However that comment came in response to a Wired report about research conducted at the University of Massachusetts which used Glass and a custom-coded video recognition algorithm to surreptitiously steal the PIN codes of device users who were around 10 feet away from the Glass wearer.

So while Google may not itself be designing Glass as a surveillance tool, that does not mean the wearable form factor and tech capabilities of the device can’t be used for surveillance and don’t carry some inherent privacy implications.

“There is an important debate to be had around the privacy implications of wearable technology and it will ultimately be for society to decide how comfortable they are with wearables. However like any new technology, wearables must operate in compliance with the law,” Paterson adds.