Drones are becoming more widespread globally, and Hungary is no exception. Cameras, heat and motion sensors, GPS, Bluetooth, Wi-Fi signals, facial recognition and biometric scanners allow for the growing use of drones in the industrial, agricultural, transportation and retail areas. In the lack of specific law, the use of drones—theoretically—is possible only upon individual permit from the Hungarian Aviation Authority (Légügyi Hatóság). As the preparation of the specific legislation is underway, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) issued guidance for the legislators and users on the data privacy aspects of the nonmilitary (state, commercial and private) use of drones.

Raising privacy issues for lawmakers and users in such a proactive way is a remarkable effort from the NAIH. However, there are some elements in the guidance which may be difficult to comply with in the actual practice.

Most Important Comments from the NAIH and Their Practical Implications:

• Extra-territorial scope. The territorial and personal scope of the new law should extend to all data processed by a drone operating in Hungary’s airspace, irrespective of the drone’s starting point and final destination. The extended scope proposed by the NAIH looks reasonable from a regulatory perspective; however, its enforcement may be difficult without adequate resources and an agreed official process between the various countries and authorities involved.

• Mandatory privacy impact assessment process shall form part of the authorisation procedure regarding drones. In case of more complex data processing activities, the Aviation Authority will consult the NAIH. From a practical perspective, this may require increased capacity and availability at the NAIH.

• Additional privacy information: The NAIH proposes to the legislature to introduce a method that identifies the controller easily and enables online and offline access to the privacy information before the actual data collection. For example, a system may be created with a built-in search engine containing the flight path, traceable in real time and accessible after the flight. The creation of an official record of the individuals operating/using drones for a commercial purpose may also be necessary. In practice, the widespread use of drones for private purposes may result in unreasonable administration in connection with the above, both for users and the Aviation Authority. Whilst transparency efforts are welcome, drone users and operators may also be reluctant to provide so detailed information on their activities for confidentiality reasons.

• Privacy by Design shall be part of the proposed legislation, the NAIH believes. For example, if the drone records flight details for aviation safety considerations, personal data captured but not relevant for this purpose should be anonymised and stored separately or should be made unidentifiable, unrecognisable and inaccessible by the controller immediately after the drone finished flying.

• Specific data security measures: In case of drones, secure data connection and data separation, e.g., miscellaneous data recorded for aviation safety reasons, are essential. The NAIH does not deem data transfer through WiFi secure and suggests controllers use another measure (VPN, a separate service package, encrypted network). Data should be stored on the drones only temporarily. Besides the customary privacy information, the Aviation Authority should also assess the essential elements of the recording technology and security system(s) being used and the data deletion/anonymisation methods. Whilst the specific data processing techniques may be significant part of the operation of the drones, it is ambiguous whether a drone operator is ready to disclose the—potentially confidential—technology used in such a detailed manner.

• Privacy by default is considered by the NAIH mandatory; drones should not process disproportional amounts of data or data different from the data collection purposes. For example, during the security surveillance of a property, the drone may record pedestrians’ faces, movements, body-temperature etc., and the devices should be configured in a way which prevents them from this kind of processing. Drones shall solely be able to signal the location and fact of an allegedly unauthorised attempt at entry onto the premises. In practice, this principle should be assessed on a case-by-case basis, as the actual use of the drone may require more extended data processing than envisaged at the beginning. The drone may locate a trespasser who needs to be identified (to ensure to security surveillance purpose), and, in such a case, privacy-by-default settings should not prevent the enforcement of the drone operator’s legitimate interests.

• Secondary data processing: According to the NAIH, data usage for secondary purposes or in any manner incompatible with the original purpose shall be subject to the Aviation Authority’s permit. For example, a recording of an agricultural land cannot be used for the surveillance of agricultural workers. Data should be retained for secondary purposes only if it cannot be accessed from elsewhere and absolutely necessary for state objectives or permitted commercial objectives. Unfortunately, the NAIH does not consider cases when secondary use may be necessary for legitimate purposes, most importantly, for analytics. New uses of information beyond the original purposes stated at the time of authorisation should be permissible, provided there is no harm to privacy.

• Private use: The NAIH proposes that legislation should contain restrictions on the private use of drones. For aviation safety considerations, only governmental and commercial users should use drones over a certain size and specifications. Private use may be permitted in specific areas, as appointed by law, and subject to simplified registration and authorisation procedure. The NAIH also proposed to exclude the use of drones from “household exemption”. In addition, the NAIH emphasised that the relevant people shall also be allowed to exercise their data protection rights and remedies, including watching the recording made by the drone and objecting against the processing in advance. For example, if the owner of the property affected by the flight path objects, the controller must modify the route of drone or switch off the camera. Introducing internal procedures to ensure compliance with the above access rights may cause significant efforts on behalf of drone users/ operators. Whilst data protection rights and remedies are essential, it may be questionable if private drone users will comply with the rules in practice and whether the competent authorities have the capacity to verify compliance at all.

As a next step, the legislature may publish the draft drone bill for public discussion. Considering the significant data processing aspects, it is likely that the NAIH will actively comment the privacy elements of the law. Hopefully, practical issues and the international experience regarding similar legislation will also be considered.

photo credit: IMG_2149 via photopin (license)