On June 16, 2015, the Article 29 Working Party (WP29) adopted an opinion on the utilization of drones for all civil purposes.
According to WP29, several privacy risks may arise in relation to the processing of data carried out by the equipment on-board a drone.
“Such risks can range from a lack of transparency of the types of processing due to the difficulty of being able to view drones from the ground to, in any event, a difficulty to know which data processing equipment are on-board, for what purposes personal data are being collected and by whom. Furthermore, the dexterity of drones and the possibility to interconnect multiple drones further facilitates their ability to achieve unique vantage points, for example avoiding obstacles or not to be constrained by barriers, walls or fences, so to easily enable the collection of a wide variety of information even without the need for a direct line of sight, for long periods of time and across large area without intermission (with a high risk of bulk data gathering and possible unlawful multipurpose uses).
Even higher risks for the rights and freedoms of individuals arise when the processing of personal data by means of drones is carried out for law enforcement purposes.”
In consideration of these risks, the Opinion provides guidelines in order to correctly address the data protection rules in the context of drones. Among others, it addresses European and national policy makers for the creating a framework that strengthens the respect for all fundamental rights at stake. In addition, WP29 recommends manufacturers and operators to embed privacy friendly design choices and privacy friendly defaults as part of a privacy by design approach.
For more information, contact Francesca Giannoni-Crystal