This post is also available in: Español

In line with the new European drone safety rules adopted by the European Commission (EC), the Spanish Data Protection Agency (AEPD) has published a data protection guide on the use of drones.

Article 26 of Royal Decree 1036/2017 of December 15, regulating the civil use of remote controlled aircraft, established the obligation to “adopt the necessary measures to ensure compliance with privacy and data protection provisions.”

The guide does not distinguish between private and professional uses and is applicable to both. It provides guidance to operators of drones that register and/or process data such as image, video, sound, geolocation related to identified or identifiable persons. The default configuration of any drone includes one GPS and a video camera, with optional features such as night vision cameras, Wi-Fi devices and 3D scanners.

The document is divided into five sections: (i) operations that do not include personal data processing (e.g., sports or recreational uses); (ii) operations with a risk of collateral or inadvertent personal data processing (e.g., cinema, TV, advertising or topographical surveys); (iii) operations involving data processing (e.g., video surveillance or recording of events); (iv) steps to be taken prior to use of a drone; and (v) FAQS.

Prior recommendations include checking the need to request authorization to operate drones, carrying out an impact assessment, and considering not publishing any sensitive information online.

In view of the widespread and increasing use of drones by the general public and their impact on the right to data protection, the AEPD has issued this guide to encourage regulatory compliance by all operators.

By Clara Sánchez López

This post is also available in: Español



30 artículos