Privacy and data protection rules for drones, GDPR

Nosy Drones? Know the rules before you fly

Due to their manoeuvrability, varying designs and sizes, as well as the vast array of hardware and software capabilities they could be equipped with, drones have found widespread applications in fields spanning cinematography, insurance valuations, construction project planning, real estate sales and infrastructure inspections among others.

As this new technology becomes increasingly available, it has encountered new and challenging regulatory frameworks. One such example is the European privacy and data protection legal framework, which in effect seeks to protect people from “nosy” drones.

So how can commercial drone companies keep operating drones near people and comply with the law?

As part of the DroneRules PRO project, Trilateral Research is building on its pioneering work in the privacy, data protection, ethics and drone fields to develop resources tailored drone industry’s needs.

In this article, we present insights and basic guidelines on privacy and data protection and safety related to the use of drones.

Operating your drone in a responsible manner: privacy and data protection

With the General Data Protection Regulation (GDPR), you are obliged to take certain steps to ensure you treat the personal data you capture with your drone in a responsible and secure manner. If you operate your drone in the vicinity of people, you may be exposed to privacy and data protection risks.

Privacy and the protection of personal data are both recognised as fundamental rights in the European Union and are legally enforceable. We have identified 8 guiding principles for professional operators to keep in mind to support compliance with the GDPR when they collect personal information. Following these principles will considerably reduce your risks when collecting and processing personal information via a drone.

Data protection guiding principles under the GDPR

 

Security: protect drones and data

Protect drones and data during transmissions: Protect drones from being hijacked and from unauthorised persons gaining control over them. Moreover, protect data transmitted by a drone and communicated to other equipment from being intercepted, corrupted or viewed by others.

You can do this, for example, by:

  • placing access controls on command and control functions
  • securing the data link between the drone and piloting equipment, for example through encryption.

Protect data on drones: Protect data stored locally on drones from being accessed by unauthorised persons by ensuring security measures are enabled and in place, for example:

  • regularly delete older data from drones,
  • place access controls to view data stored on drones,
  • encrypt data stored on drones.

More guidelines for responsible drone use can be found on DroneRules.eu.

For more information feel free to contact our team.

Rachel Finn, Practice Manager

Rachel Finn Practice Manager
Tags:
,