The DroneRules PRO project will develop an online e-learning course to support the creation of a privacy culture within the commercial drone industry in Europe. It will assist the drones industry in adjusting to new legislative requirements, providing vital protections for members of the public, and ultimately supporting the growth and development of the drones industry. The project responds directly to the introduction of the General Data Protection Regulation (GDPR) in May 2018, as well as the specific characteristics of the European drones industry.
The e-learning course will employ state-of-the-art e-learning tools, as well as advancedserious game techniques already used in a collaboration between one of the DroneRules PRO partners and the US Federal Aviation Administration (FAA). The course will train UA professionals to recognise privacy and data protection risks and issues, identify good practice solutions and implement those solutions.
The project will also develop a set of resources to enable UA professionals to meet their privacy and data protection obligations in the course of their operations, during planning and execution phases. A key contribution in this regard will be laying down the foundations for a pan-European Privacy Code of Conduct for UA professionals.
Drones are equipped with various types of cameras, visual sensors and microphones. The mobility and size of drones make them a perfect choice for carrying out any number of professional tasks, including infrastructure inspections, construction planning and management, entertainment and advertisement footage collection. While carrying out these missions, drones can capture and process information related to individuals which can pose risks to peoples’ right to privacy.
Privacy is a fundamental right guaranteed to individuals in the Charter of Fundamental Rights of the EU, the European Convention on Human Rights and various national constitutions in Europe
Drones could also raise data protection concerns when the information they capture is considered personal data. Personal data is any information which allows the identification of a person. Personal data does not require that you have details about a person, such as their name, phone number, or address. It can take many shapes and forms. It can be images, videos, sounds, biometric data (facial recognition, for example), location and traffic data, telecommunications data or any combination thereof. As long as a person can be identified or is identifiable by this information, it is considered personal data.
Personal data is protected by a set of legal principles, requirements and obligations in the EU. Until now these legal rules were found in the Data Protection Directive, which has been serving the EU since 1995 and national laws, based on it.
From 25 May 2018, the General Data Protection Regulation (GDPR) will directly apply for the entire EU. It will give you clear guidelines, responsibilities and roles to follow no matter where in the EU you may be operating. National data protection laws continue to apply only in limited cases.