An overview of privacy and GDPR for drone users.
DroneRules Pro is creating a privacy and data protection culture within the European drone industry and will facilitate compliance with the new legislation.
A Framework for Selecting Deep Learning Hyper-ParametersJim O' Donoghue
Presentation on a paper which was published in the British International Conference on Databases in 2015. Experimental framework for selecting deep learning hyper-parameters.
The EU's Winning Business in Africa programme is interesting for many African and EU entrepreneurs. This presentation uncovers all the EU funding instruments for entrepreneurs while going into the mechanics to successfully win funding.
Civil Protection operators and Public Administrations, engaged in urban planning, resource & environmental management, need spatio-temporal processing of GI to support decision-making. Current SDIs and the ESDI, only partially address user needs as they offer no or very limited time variable management . The integration between INSPIRE-compliant geographic datasets and operational databases, essential in domains such as environmental risk management and civil protection, is poor.
Thus the present scope of services SDI can offer is somewhat limited. It is the aim of BRISEIDE to build on existing SDI’s in order to provide users with more complete and adequate data and processing tools.
A Framework for Selecting Deep Learning Hyper-ParametersJim O' Donoghue
Presentation on a paper which was published in the British International Conference on Databases in 2015. Experimental framework for selecting deep learning hyper-parameters.
The EU's Winning Business in Africa programme is interesting for many African and EU entrepreneurs. This presentation uncovers all the EU funding instruments for entrepreneurs while going into the mechanics to successfully win funding.
Civil Protection operators and Public Administrations, engaged in urban planning, resource & environmental management, need spatio-temporal processing of GI to support decision-making. Current SDIs and the ESDI, only partially address user needs as they offer no or very limited time variable management . The integration between INSPIRE-compliant geographic datasets and operational databases, essential in domains such as environmental risk management and civil protection, is poor.
Thus the present scope of services SDI can offer is somewhat limited. It is the aim of BRISEIDE to build on existing SDI’s in order to provide users with more complete and adequate data and processing tools.
Become an “EXTRA-ordinary” engineer Cultivate your difference via an international training programme in France with Network "n+i"! Supplementing your own culture, mother tongue and English language skills with mastery of the French language, knowledge of French culture and an internationally recognised qualification is a great way to ensure you are better prepared to play a key role in the "global" world. "n+i" is a great way to ensure you are better prepared to play a key role in the "global" world. Network “n+I”, France's leading Engineering School network, is aimed at the men and women who share this ambition.
http://www.nplusi.com
Training and awareness raising in Critical Infrastructure Protection & Resili...Global Risk Forum GRFDavos
6th International Disaster and Risk Conference IDRC 2016 Integrative Risk Management - Towards Resilient Cities. 28 August - 01 September 2016 in Davos, Switzerland
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
Presentation by Fabio Martinelli, CNR, National Research Council of Italy, representing the NECS project (European Network for Cybersecurity) at Cloudscape Brazil 2017
ENISA - EU strategies for cyber incident responseKevin Duffey
ENISA is the EU Agency for Network & Information Security. In this presentation, the Head of Stakeholder Relations shares lessons for CEOs from over 200 cyber simulations and other research conducted by ENISA.
Become an “EXTRA-ordinary” engineer Cultivate your difference via an international training programme in France with Network "n+i"! Supplementing your own culture, mother tongue and English language skills with mastery of the French language, knowledge of French culture and an internationally recognised qualification is a great way to ensure you are better prepared to play a key role in the "global" world. "n+i" is a great way to ensure you are better prepared to play a key role in the "global" world. Network “n+I”, France's leading Engineering School network, is aimed at the men and women who share this ambition.
http://www.nplusi.com
Training and awareness raising in Critical Infrastructure Protection & Resili...Global Risk Forum GRFDavos
6th International Disaster and Risk Conference IDRC 2016 Integrative Risk Management - Towards Resilient Cities. 28 August - 01 September 2016 in Davos, Switzerland
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
Presentation by Fabio Martinelli, CNR, National Research Council of Italy, representing the NECS project (European Network for Cybersecurity) at Cloudscape Brazil 2017
ENISA - EU strategies for cyber incident responseKevin Duffey
ENISA is the EU Agency for Network & Information Security. In this presentation, the Head of Stakeholder Relations shares lessons for CEOs from over 200 cyber simulations and other research conducted by ENISA.
Participation of ADITESS LTD in Career and Entrepreneurship Fair in CYPRUS UNIVERSITY OF TECHNOLOGY where we will present our company, "The case of a Cyprus start up investing in information systems and empowering staff"
This presentation was held at the 1st EOSC Stakeholder Forum 28-29/11/2017 in Brussels.
For more information on the 1st EOSC Stakeholder Forum visit: https://eoscpilot.eu/eosc-stakeholder-forum-shaping-future-eosc
Follow EOSCpilot on Twitter: https://twitter.com/eoscpilot
and LinkedIn: https://uk.linkedin.com/in/eoscpiloteu
Presentation on MIRROR project dissemination and preparing exploitation held at the EU day i-know conference Know-Center Graz, september 2013. Held by Ellen Leenarts, BT Learning Solutions. More information on Mirror: www.mirror-project.eu or Linkedin group MIRROR-Reflective Learning at work
Similar to DroneRules Pro: Supporting GDPR compliance through privacy culture among drone professionals in Europe (20)
Presentation at the CPPP conference 2020 on the core issues SMEs and SME Associations have identified in applying the GDPR. This research work has been developed within the STAR II project.
Designing Security Across Boundaries: mapping disperse data to collaborative...Trilateral Research
Katrina Petersen from Trilateral Research presented work carried out within the IN-PREP project at the "Data-Power: Global In/Securities" event. The presentation focused on the ethical issues that emerge when preparing for disasters by sharing data across borders/boundaries.
Risky Borders: Designing togetherness using information technology for intero...Trilateral Research
An overview of how using information technology can bring disaster responders together by pooling their data together through technological frameworks.
CLAIRTY is a European Commission-funded project. Its goals are to:
- Mobilise stakeholders across the open government ecosystem,
- To conduct a needs assessment and gap analysis to understand gaps in the market and support growth in innovative solutions for open eGoverment in Europe,
- To work with stakeholders to develop a blueprint for the next steps to encourage the provision and responsible take-up of eGovernment applications to enhance accountability, transparency and trust in public sector services.
Presentation discussing the development of an innovative evaluation and certification methodology for security systems, as part of the European project. By Dr Thordis Sveinsdottir.
Demonstration of the functionality an capabilities of Virtual Hubs developed for ENERGIC-OD project. Presentation given in GEO Business 2017 trade show in London, UK (May 2017).
Keynote presentation from an event with industry and academia delegates, discussing the future of esports in the UK in the context of data protection, surveiilance and privacy.
Methodologies for Addressing Privacy and Social Issues in Health Data: A Case...Trilateral Research
Huge quantities of complex and diverse data are generated everyday in healthcare institutions, including clinical documentation (diagnostics, lab data, imaging data, etc.), administrative data, activities and cost data, and R&D data from clinical trials.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Essentials of Automations: The Art of Triggers and Actions in FME
DroneRules Pro: Supporting GDPR compliance through privacy culture among drone professionals in Europe
1. Fly respectfully
consider privacy
Fly safely
follow flight safety rules
Fly responsibly
be insured
DroneRules Pro: Supporting
GDPR compliance through
privacy culture among drone
professionals in Europe
Christina Hitrova
christina.hitrova@trilateralresearch.com
Bonn, 4 July 2018
2. Overview
• What do drones have to do with privacy and data protection?
• What is the DroneRules PRO project?
• How can the DroneRules PRO project help?
• How can you get involved?
This presentation is funded by the European Union’s COSME Programme (2014-2020).
3. Fly respectfully
consider privacy
Fly safely
follow flight safety rules
Fly responsibly
be insured
What do drones have to do
with privacy and data
protection?
4. Privacy and data protection
• What is privacy?
Everyone has the right to respect for his or her private and family life,
home and communications.
- EU Charter of Fundamental Rights,Article 7
• What is personal data protection?
1. Everyone has the right to the protection of personal data
concerning him or her.
2. Such data must be processed fairly for specified purposes and on the
basis of the consent (…) or some other legitimate basis laid down by law.
Everyone has the right of access to data which has been collected
concerning him or her, and the right to have it rectified. (…)
- EU Charter of Fundamental Rights,Article 8
• Protected by national constitutions and international treaties
This presentation is funded by the European Union’s COSME Programme (2014-2020).
6. Why is this important for the drone industry?
• The General Data Protection Regulation (GDPR) - protects
personal data through its entire lifecycle
– “Personal data”
– Has “teeth” – sanctions up to € 20 Million or 4 % of the total
worldwide annual turnover
• Future laws
– EASA Prototype Regulation and Annex – requires respect privacy and
data protection and consideration of privacy risks
– Regulation for making available on the market of UA intended for use
in the ‘open’ category – requires privacy-enhancing features
This presentation is funded by the European Union’s COSME Programme (2014-2020).
8. DroneRules PRO: Key project facts
• Duration: December 2017 – November 2019
• Funding COSME COS-DRONES-2016-03-02
• Partners
• Goals:
(1) To create a privacy culture among Europe’s drone
professionals with information and educational resources
(2) To protect rights and freedoms of people
(3) To support the growth and development of drones
This presentation is funded by the European Union’s COSME Programme (2014-2020).
9. DroneRules PRO: Project work
• E-learning course
& resources
• In collaboration
with stakeholders
and experts
Resource
development
• 6 hands-on
training sessions
in UK, BE, DE, IT,
PL
• Evaluation of
resources
Training • Optimisation
and finalisation
of project
resources
• Publication
Finalisation
This presentation is funded by the European Union’s COSME Programme (2014-2020).
Dec 2017 – Mar 2019 Mar – Jul 2019 May – Sept 2019
11. DroneRules PRO resources
Drone
operators
Drone
manufac-
turers
Drone pilots
Privacy Code of
Conduct
Pre-flight
checklist
Privacy Impact
Assessment
(PIA) template
Privacy-by-
design guide
E-learning course with tailored modules
This presentation is funded by the European Union’s COSME Programme (2014-2020).
12. E-learning course
• Goal: Empower drone professionals!Teach them how to assess
their operations, identify risks and implement safeguards.
• Modules tailored to operators, pilots and manufacturers
• Content will include:
– Concepts, principles,
requirements, risks
– Safeguards
– Interactive games / tests
This presentation is funded by the European Union’s COSME Programme (2014-2020).
13. This presentation is funded by the European Union’s COSME Programme (2014-2020).
14. 5 tips on flying responsibly
• Inform people on the ground of your activities.
• Minimise personal data captured and retained.
• Limit personal data use and data storage.
• Protect personal data. Anonymise it. Secure it. Do not share
it (freely).
• Respect people’s rights and put procedures in place to that
end.
This presentation is funded by the European Union’s COSME Programme (2014-2020).
15. DroneRules PRO resources
Drone
operators
Drone
manufac-
turers
Drone pilots
Privacy Code of
Conduct
Pre-flight
checklist
Privacy Impact
Assessment
(PIA) template
Privacy-by-
design guide
E-learning course with tailored modules
This presentation is funded by the European Union’s COSME Programme (2014-2020).
16. PIA template
• For drone
operators & pilots
• Software
• Plan your (high-
risk) mission
responsibly
• Risks &
safeguards
• DPIA can serve as
documentary
proof of risk
management
Pre-flight checklist
• For drone pilots
• Last-minute
checklist
• Have we
considered
everything we
need to do?
• Have we done it?
Privacy-by-design
guide
• For drone
manufacturers
• Privacy-
enhancing drone
features
• EASA regulation
compliance
• Drones that help
drone pilots and
operators comply
with their own
obligations
This presentation is funded by the European Union’s COSME Programme (2014-2020).
17. DroneRules PRO resources
Drone
operators
Drone
manufac-
turers
Drone pilots
Privacy Code of
Conduct
Pre-flight
checklist
Privacy Impact
Assessment
(PIA) template
Privacy-by-
design guide
E-learning course with tailored modules
This presentation is funded by the European Union’s COSME Programme (2014-2020).
18. Privacy Code of Conduct
• Best practices for drone pilots and
operators
• Scope:
– Planning the mission
– Flying the mission
– Handing, sharing and erasing data
• An industry-standard-to-be
• We are calling for your feedback!
Get in touch to get a copy!
This presentation is funded by the European Union’s COSME Programme (2014-2020).
20. Drone Rules PRO Advisory Board
• On the look for new members to support the project and:
– Review and provide feedback on resources
– Join training sessions
– Support dissemination and promotional activities
– Help expand the network of the project
• Flexible contributions welcome
This presentation is funded by the European Union’s COSME Programme (2014-2020).
21. Current Advisory Board members
Name Organisation Expertise
Peter van Blyenburgh UVS International Industry association
Uwe Meinberg CURPAS (Germany) Industry association
Gonçalo Antunes
Matias
APANT (Portugal) Industry association
Benjamin Benharrosh Delair Tech Industry
Anne-Marie Haute Pilgrim Technology Industry
Jules Kneepkens TEASAS Civil aviation regulation
Christian Janke Embry-Riddle Aeronautical
University – Worldwide
Industry educator
Giuseppe D’Acquisto Italian Data Protection Authority Data protection & regulation
Stian Kringlebotn Norwegian Data Protection
Authority
Data protection & regulation
Andrej Tomšič Slovenian Data Protection
Authority
Data protection & regulation
Adolfas Kuzborski CAA Lithuania Regulation
22. Thank you for your attention
Contact:
Christina Hitrova
Christina.Hitrova@trilateralresearch.com
This presentation is funded by the European Union’s COSME Programme (2014-2020).
Editor's Notes
As you may know, people have certain fundamental human rights, guaranteed to them, which are intended to protect their dignity and autonomy. You may have heard of the right to life or the right to free speech.
Similar to this, in Europe and within the European Union people are guaranteed the right to privacy and the right to personal data protection.
The right to privacy means that people have the right for their private and family life, home and communications to be respected. They have a right to be left alone and not be surveilled, especially in a private setting. This is a broad right encompassing all situations in which people have an expectation to be unobserved.
The right to personal data protection is another fundamental right, guaranteed to people in the EU. It is a more focused right and protects individuals by laying down some minimum standards regarding how personal data relating to individuals should be collected and handled. Compared to the right to privacy, the right to personal data protection is more targeted and application-heavy. It protects only personal data and it prescribes specific principles which should be followed in practice, when handling such data. These center around being fair and transparent when handling the data and empowering the individual to determine how such data is used.
These rights, in one shape or another, are protected through various documents on the national and international levels, including by constitutions and international treaties, such as the EU Charter of Fundamental Rights. All people in Europe have them and this can impact your activities as drone professionals.
Commercially, drones can be used in a variety of contexts – in construction, to capture entertainment and sports events, for real estate. You know better than me how diverse drone capabilities and applications can be. However, drones have the potential to impact the privacy and personal data of people on the ground. This is for a few reasons:
First, drones are highly maneuverable. This means that previously inaccessible spaces, such as gardens with fences or secluded areas in a park or on a beach can now be accessed and directly observed or recorded. This could raise concerns especially in situations where private spaces are impacted, such as people’s homes, gardens, cars, work places.
Second, drones vary in size and design. This means that sometimes they may remain unnoticed by individuals on the ground and become silent observers of their behavior. Needless to say, this can raise significant privacy concerns.
Thirdly, drones have extremely diverse capabilities. Depending on the payload they are carrying, drones can capture photos, videos, thermal or location data, sometimes even audio data. Some software empower drones to even track and monitor individual behavior, as you see here on the slide. Then the data captured features individuals, and especially if it allows the identification of individuals, privacy and personal data concerns can arise.
Finally, the combination of the design, maneuverability and diverse capabilities of drones leads to a lack of transparency for individuals on the ground. Often, they may have no way of knowing who is operating the drone, for what purpose, what kind of data that drone is collecting and whether the drone’s sensors are pointed in their direction. In such circumstances individuals can feel uneasy, observed and, lacking a responsible person to turn to, they become powerless to actually control what happens with their personal data.
On the 25th May this year the General Data Protection Regulation (GDPR) entered into force. This is a EU-wide single law that protects the personal data of individuals by laying down concrete rules, principles and requirements as to how that data should be handled throughout its entire lifecycle – from collection, to processing, storage, sharing and erasure.
The GDPR protects only personal data – that is, any data that allows the identification of a person. What is personal data can be a very broad notion. It encompasses information through which individuals can be identified by you or by others. In the context of drones, personal data can be a single piece of information or a combination of the entire scene you captured – the top of a person’s head, their clothing, their location, their car plate number or house number, the time of your activities.
You should be careful when capturing personal data and you should plan how to handle and protect such data. Sanctions are envisioned for responsible parties (called data controllers) who breach the requirements of the GDPR. These sanctions can amount to up to € 20 Million or 4% of your company’s worldwide annual turnover in extreme cases of not complying with the law.
In addition to the GDPR, EASA and EU legislators are at present discussing two future legal acts, which include references to privacy and privacy-enhancing drone features.
Relevant for drone operators and pilots, the EASA Prototype Regulation (laying down rules and procedures for the operation of unmanned aircrafts) requires that pilots operate with due respect for the privacy and data protection of individuals on the ground. In certain cases, a certification for pilots is required. Drone operators carry these responsibility to ensure that pilots comply with these requirements. For higher risk operations, the Regulation requires an impact assessment be carried out, which should consider, among others, privacy risks.
For drone manufacturers, legislators are discussing a regulation for making available on the market of unmanned aircraft for use in the ‘open’ category. For the more powerful drones, this Regulation requires that they be equipped with certain privacy- and transparency-enhancing features. These include geo-awareness (or geo-fencing) capabilities or electronic identification transmissions, which inform those around of the drones location and who is controlling it.
As you can see, the drone industry has to consider privacy and data protection within its activities and this requirement will likely increase with the adoption of new laws, specifically directed to you. So why am I telling you all this?
The DroneRules PRO project is a 2-year project, funded by the European Union’s COSME Agency. The project consortium is comprised of the following partners.
These four partners are collaborating to produce the project resources for you.
The chief goal of the DroneRules PRO project is to foster a privacy culture among the commercial drone industry in Europe by creating educational and information resources that are tailored to the drone sector and its needs. These resources will assist the drones industry in adjusting to new legislative requirements, such as the GDPR.
In addition, the project will ensure that the rights and freedoms of individuals on the ground are sufficiently protected.
By combining these two goals, the project will ultimately support the growth and development of the drones industry in Europe.
The project will take place as a 3-stage process.
Presently, we are in the first stage of the project – developing the information and educational resources. These will be an interactive e-learning course, as well as complementary and stand-along tools and templates, designed to fit into the work of drone professionals We work closely with stakeholders and experts in the field to ensure the quality and relevance of these resources.
In the next stage of the project, between March and July 2019, we will carry out at least 6 hands-on training sessions in 5 countries – in the UK, Belgium, Germany, Italy and Poland. These training sessions will not only seek to inform drone professionals of their legal responsibilities and how to comply with them. They will seek to evaluate the resources developed together with drone pilots, operators and manufacturers, as well as public authorities and industry associations, which are likely to reuse the resources.
Finally, between May and September 2019, we will optimize the resources with the feedback we have received and finalise them. The resources will then be made publicly available.
The DroneRules PRO project seeks to inform and educate all different actors within the drone industry – drone operators, drone pilots and drone manufacturers. To achieve this, we will develop multiple resources, each tailored to a different group or groups of professionals.
First, the e-learning course is the jewel in the crown of the DroneRules PRO project. It is an interactive and tailored module-based e-learning tool, which will teach users how to fly responsibly and respect privacy and data protection rules and principles.
The goal of the e-learning course is to empower drone professionals to assess their own operations as they plan and carry them out. By educating them, the course should allow them to identify the risks that their activities give rise to and implement the necessary safeguards to ensure they act responsibly and in compliance with the law.
To ensure that users receive relevant information in an understandable manner, some of the course modules will be developed in different versions, running in parallel. Each version will be tailored to the needs and operations a particular group of drone professionals – operators, pilots or manufacturers.
The content of the course will cover privacy and data protection concepts, requirements and risks, as well as safeguards, strategies and best practices for mitigating such risks and complying with legal requirements. Interactive games and tests will be interwoven throughout the entire course. I will now show you some examples.
Here are some examples of how interactive testing will be used to check the users’ knowledge and inform them, whenever they have give a wrong answer.
Naturally, the visual design of these tools will be further enhanced as the project further develops.
Inform: Whenever you capture or record any information about a person, especially clear images of their face, inform them about it. Draft a public privacy statement to provide further transparency.
Minimise: Always think about what kind of drone to use and how so that you capture the least amount of data about people in the area of your operation. Anonymise data where possible. Blurring faces, house and car numbers may help you alleviate your GDPR obligations.
Limit: The purpose for which you use the data to the purpose you originally stated and limit the storage of the personal data to the minimum period required.
Protect: Provide adequate security for the personal data and do not share it with third parties without informing individuals and ensuring data will be protected with its recipients. Share only anonymised data if possible.
Respect: Ensure that people can exercise their rights to object to data processing, change their mind about it or have their data removed. Remember, people also have the right to access their data, receive a copy of their data and correct it.
In addition to the e-learning course, further resources have already been developed and are being finalised as we speak.
I’d like to draw your attention to the PIA template, the Pre-flight checklist and the Privacy-by-design guide.
A Privacy Impact Assessment template has been developed for drone operators or pilots who plan drone operations.
Next, a pre-flight checklist has been developed for drone pilots, intended as a cheat sheet for pilots in the field.
Finally, a privacy-by-design guide has been compiled for drone manufacturers, supporting them in creating drones that comply with the law and which help pilots and operators fly in a responsible and privacy-aware manner.
Examined one by one, each resource brings something different to the table.
The PIA template will be an interactive software tool. It will allows drone operators or pilots to incorporate privacy and data protection principles and best practices into the very plan and design of their drone operations. The goal of this resource is to ensure that drone operations, especially those that pose high risks to the privacy and personal data of individuals, are planned and carried out in a way to minimise any potentially negative impacts on people on the ground.
Relevant to this is the DPIA, which could serve as a documentary proof that users have engaged in risk management and have planned how to comply with data protection requirements.
Next is the Pre-flight checklist . This is a small document which can be printed. It is a last-minute checklist for drone pilots in the field. It encompasses key questions to make sure that they are aware of everything they need to know or keep in mind while flying the drone and operating its sensors. It is intended to help them put the mission plan, especially its safeguards, into practice.
Flying near private or sensitive spaces
Flying near people
Capturing personal data
Finally, the Privacy-by-design guide is a report, designed to provide manufacturers with concrete advice as to the privacy-enhancing features they can incorporate into the design and build of both the hardware and software of their drones. The goal of this document is to help manufacturers comply with any privacy-relevant legal requirements they may be subject to, as well as to educate them about features they can incorporate, so that their drones support drone pilots and operators who are subject to European data protection requirements.
Finally, the project has developed and is currently improving a Privacy Code of Conduct – a best practice guide and hopefully an industry standard-to-be, aimed at drone operators and pilots.
The Privacy Code of Conduct is intended to give clear guidance, practical tips, do’s and don’t’s for both pilots and operators for their activities.
It has a wide scope and includes recommendations relating to the safeguards and best practices to keep in mind when planning a drone mission, how to carry it out in practice and how to handle, share and erase any personal data captured during a drone flight.
Ultimately, we hope that this document will prove useful and helpful to drone professionals around Europe, winning it stakeholder support among industry representatives.
We would love to hear your thoughts on the Privacy Code of Conduct to help us improve it. If you are curious to see it or would like to give us feedback, please get in touch with me and I’ll make sure you get a copy of it. The Commission is interested in hearing from you since the CoC is intended for you. You can find my email at the end of the presentation.