In which new or innovative ways do you think RPAS will be used in the future?

Transcription

1 Written evidence Submitted by Trilateral Research & Consulting On the House of Lords Select Committee on the European Union call for evidence on Civil use of remotely piloted aircraft systems (RPAS) in the EU 1. Trilateral Research & Consulting is a specialist research consultancy focused on issues related to risk, security, privacy, data protection and new technologies. We have conducted more than 20 research projects for the European Commission (under the 6th and 7th Framework Programmes), a range of tenders for the European Commission, the Information Commissioner s Office and the UNHCR as well as private sector services. All of Trilateral s research is focused on providing policy recommendations for the safe and responsible deployment of new technologies, with a particular focus on respect for privacy, data protection and other fundamental rights. Trilateral has examined the civil deployment of RPAS in an EC-funded project called PRESCIENT Privacy and Emerging Fields of Science and Technology and a tender for DG Enterprise on the Privacy and data protection issues associated with civil RPAS. We have peer-reviewed publications on the civil use of RPAS and our researchers are recognised experts in this field. Do you agree with the priorities identified in the European Commission s Communication for opening the aviation market to the civil use of RPAS? Are there other priorities which should have been included? 2. Trilateral agrees that safety is a key consideration with respect to civil RPAS, and the protection of people and their property should be the primary priority of the policy push in this area. This includes integrating RPAS into the single European sky and protecting the security of RPAS and their operations. This also includes a clear identification of the liabilities of different stakeholders involved in the RPAS sector, as a clear liability structure will support compliance by relevant organisations. The protection of citizens fundamental rights should also be understood as a key priority in relation to the integration of civil RPAS into European airspace. Any use of RPAS for civil purposes which does not adequately respect fundamental rights is essentially operating outside of European and Member State law, and as such, should be treated as seriously as breaches of safety regulations. However, RPAS operators and manufacturers are often well informed about aviation regulations and less well informed about privacy, data protection and other fundamental rights. This situation needs to be rectified both at the European and national levels. Supporting the market in relation to RPAS manufacturing and services is also important, but it should not be prioritised over considerations of safety or fundamental rights. What are the advantages and disadvantages of regulating RPAS at the national, EU or international levels, for example in the International Civil Aviation Organization (ICAO)? Are the EU s actions, proposed or otherwise, consistent with developments in non-eu countries, for example in the United States? 3. As Trilateral s expertise is focused on privacy and data protection, we will limit our answer to this question accordingly. The advantage of regulating RPAS at the national level is that privacy and data protections laws are clearer for RPAS operators and manufacturers, and there is greater likelihood of relevant jurisprudence in this area to assist in answering practical queries. Furthermore, many countries have laws or soft 1

2 law measures (e.g., codes of conduct) relevant to RPAS operations that could be used to provide guidance on privacy, data protection and other fundamental rights issues. For example, the UK has the CCTV Code of Practice developed by the Information Commissioner s Office. 1 These laws and other measures can assist RPAS representatives in identifying when privacy is likely to be infringed, when personal data is being collected, and what measures they should consider to mitigate these issues. Furthermore, each country has a specific agency, e.g., a Data Protection Authority or other body, to whom citizens, organisations or other interested parties can raise questions, issues and complaints. From the perspective of citizens and local and national authorities, national regulation might be more attractive. 4. However, regulation at the European level offers many advantages, particularly from the perspective of industry stakeholders that are operating across European borders. Specifically, there is no harmonisation of, for example, the definition of personal data between different Member States in the European Union. Furthermore, because RPAS are, themselves, such complex devices that can collect a myriad of different types of data, this lack of harmonised definition has significant impacts on the predictability of the regulatory environment. This is especially true as the RPAS industry grows, expands and matures. Regulation at the European level would provide more legal certainty and a predictable environment. In which new or innovative ways do you think RPAS will be used in the future? 5. Many of the new and interesting ways that RPAS will be used in the future will be to make the collection of data mobile. This includes the collection of personal data or data relating to people, as well as data that have little to do with people (e.g., environmental data, etc.). One of the most interesting and potentially troubling aspects of RPAS is their ability to operate undetectably and to enter spaces that were previously difficult or impossible to access. For example, RPAS could fly inside buildings, can access private gardens, and can also access areas of a crowd that might have been difficult to surveil from the edges (e.g., protests, concerts and other events). As such, RPAS may fundamentally change the nature of surveillance, and have significant impacts of privacy, data protection and fundamental rights. 2 In addition to the expanded use of visual payloads, the sensors and other technologies that can be connected to an RPAS are many, particularly as these other technologies become miniaturised. These could be used to infringe many different types of privacy, including privacy of location and space, privacy of behavior and action, bodily privacy, privacy of association, privacy of data and image and privacy of communication Many RPAS operators and manufacturers are beginning to consider their RPAS as machines through which they can collect massive amounts of data. Much of this data is being collected and processed in real time and is coming from a variety of sensors. As such, it meets the core definition, originally offered by Gartner, of big data in the 1 Information Commissioner s Office, CCTV Code of Practice, Wilmslow, There is also a draft, revised version that is currently the subject of public consultation. 2 Finn, Rachel, and David Wright, Unmanned aircraft systems: Surveillance, ethics and privacy in civil applications, Computer Law & Security Review, Vol. 28, No. 2, 2012, pp Finn, Rachel, David Wright and Michael Friedewald, Seven types of privacy, in Serge Gutwirth, Yves Poullet et al. (eds.), European data protection: coming of age?, Springer, Dordrecht,

3 sense that it is high volume, high velocity and is of significant variety 4 However, like all new information and communication technologies, this collection and processing of big data related to people raises significant risks when the following issues emerge. 1. When the data processing by RPAS is focused on the usual suspects whose rights are often infringed by new surveillance and monitoring technologies (protesters, consumers, people marginalised by race, class, gender or other social categorisations) 5 2. When the data collected is linked to other data sets to create profiles of specific groups of people or to identify individual people 6 3. When the big data sets are processed and used to infer causal relationships without sufficient theoretical support. 7. Each of these issues may cause harm to people on the ground by infringing upon their fundamental rights, including rights to the protection of personal data and rights to privacy. Research on media reports about the use of RPAS in Europe, the US and Canada has already revealed that RPAS operations by authorities in particular already target protesters, youth on council estates, squatters and other marginalized populations. 7 The deployment of RPAS on a large-scale will likely augment this disproportionate attention. Furthermore, many big data processing activities focused on people aim to discriminate between different categories of people in order to tailor products and services. 8 Additionally, as more and more data is collected, the linking of this data may reveal intimate details about a person s habits, preferences, etc. resulting in a privacy infringement. 9 It may also impact upon people s life chances in that decisions may be made about individuals based on profile information that has little relationship with their real circumstances. This is particularly problematic as the processing of large data sets often result in the identification of spurious relationships relationships between data points that are the result of chance but which emerge simply because the data set is so large. 10 Therefore, the linking of emerging big data applications with RPAS data collection may result in significant impacts on people s fundamental rights and life-chances. What is your view of the estimate by the AeroSpace and Defence Industries Association of Europe that RPAS activities will create about 150,000 jobs in the EU by 2050? What are the factors that might restrict the growth of the RPAS market? 8. Trilateral is not in a position to provide estimates of the commercial market for civil RPAS. However, we do feel that a lack of understanding of manufacturers and operators liabilities with respect to privacy and data protection may introduce costs that could negatively impact the growth of the RPAS market. Specifically, the 4 Laney, Douglas, The Importance of 'Big Data': A Definition, Gartner, Finn and Wright, op. cit., Finn, Rachel, and Kush Wadhwa, The Ethics of Smart Advertising and the Regulatory Initiatives in the Consumer Intelligence Industry, Info, Vol. 16, No. 3, 2014, pp Finn and Wright, op. cit., Finn and Wadhwa, op. cit., Ibid. 10 Boyd, Danah, and Kate Crawford, Critical Questions for Big Data: Provocations for a Cultural, Technological, and Scholarly Phenomenon, Information, Communication, & Society, Vol. 15, No. 5, p

4 research conducted for DG ENTR included a survey of civil RPAS practices among industry representatives, including RPAS manufacturers and operators. The associated research is ongoing, and the survey results will be released at the close of the project in late 2014 or early The survey found that the majority of the 91 self-selected RPAS manufacturers and operators who responded reported basic or poor understanding of European and national privacy and data protection laws. Furthermore, the same survey revealed that at least half of RPAS operators are probably collecting personal data during their missions. This means that there is a significant gap between the practices of civil RPAS operators and their legal obligations. This gap could introduce liabilities to the RPAS sector that could inhibit the growth of the market, while at the same time introducing risks to European citizens that their personal data is not being adequately protected. As such, it carries the potential to negatively impact the industry sector as well as members of the public. Will the existing competences of Member States for the safety of military and civil aircraft, as well as for more general issues such as the allocation and use of radio spectrum, be impacted by the proposed changes in the remit of the European Aviation Safety Agency (EASA)? 9. This is outside the scope of Trilateral s expertise. Are the existing data protection, liability and insurance regimes at EU and Member State levels sufficient to address the concerns raised by the potential greater use of RPAS, or are changes required? 10. The research carried out by Trilateral for the EC s DG Enterprise, in partnership with Vrije Universiteit Brussel, has found that the existing data protection regime, and especially the changes flowing from the proposed Data Protection Regulation, are adequate to address privacy and data protection issues raised by RPAS. However, our analysis reveals that there is a significant gap in RPAS industry representatives understanding of their privacy and data protection obligations and there is a significant gap in enforcement of data protection principles. Specifically, many commercial RPAS operations are posing significant risks to privacy and the protection of personal data. Yet, RPAS operators are not aware of or adequately addressing the following European data protection principles: Transparency Consent Accountability Data security Data minimisation Proportionality Purpose limitation Rights of access, correction and erasure This is a significant problem, as it can harm members of the public and the industry itself. Ensuring that transparency protocols are met will be a significant step in ensuring the accountability of RPAS operators and manufacturers. 11. In addition, the current data protection regime also leaves significant gaps in 4

5 respect of the household exemption. In the survey conducted by Trilateral for DG ENTR, Data Protection Authorities, Civil Aviation Authorities, RPAS industry representatives and civil society organisations all recognised private use of RPAS as representing the greatest threat to privacy, data protection and safety. This gap has not yet been adequately addressed by the legislation, and instead, individuals who are negatively impacted by RPAS must rely on laws surrounding harassment or stalking for legal recourse. 12. Trilateral also welcomes the addition of an obligation to consider privacy by design in the proposed General Data Protection Regulation as well as the obligation to carry out a Data Protection Impact Assessment (DPIA) or a privacy impact assessment (PIA). If the RPAS industry is adequately educated about these two measures and their associated obligations, we feel that many of the potential negative impacts of RPAS on privacy, data protection and fundamental rights could be identified early and prevented. The strength of such impact assessments is that they enable the regulatory framework to take account of the heterogeneity of RPAS technologies and missions. However, we caution that a PIA must not take a checklist approach and must be accompanied by a commitment to adequate training in order to ensure that RPAS operators are aware of their obligations We recommend that RPAS operators that are likely to collect data about people undertake a privacy impact assessment before conducting each type of operation. This will ensure that privacy, data protection and other fundamental rights are respected at the beginning, planning stages of the data collection, and that companies avoid costly retro-fixes or liabilities by reducing the risks their operations pose. We also specifically recommend that the European Commission or national policy-makers commission a privacy impact assessment framework, similar to the one that was constructed in relation to RFID and smart meters and evaluated by the Article 29 Working Party. Such a framework would assist the RPAS industry in recognising, understanding and meeting their legal obligations whilst protecting the fundamental rights of members of the public. Is EU research and development funding for RPAS sufficiently targeted towards the most important issues, for example, getting the airspace regulatory framework right, as against improving the limited airworthiness of today s small and lightweight RPAS? 14. In addition to the funding that has been allocated to study airworthiness, liability and insurance and privacy and data protection, Trilateral would argue for the allocation of funding to a transparency tool which would enable a holistic regulation of these issues with respect to RPAS. We feel that EU research should set aside funding to construct a recognition system for RPAS that would enable each and every RPAS to be identifiable, both in real time and in the event of a crash. This would require RPAS to carry mandatory, unique identifiers that would also enable the RPAS to be tracked via GPS using a centralised system. 12 It would also require a 11 For more information on privacy impact assessments see Wright, David, and Paul de Hert, Privacy Impact Assessment, Springer, Dordrecht, Such a system was also suggested by the International Working Group on Data Protection in Telecommunications, Working Paper on Privacy and Aerial Surveillance, 54th Meeting, Berlin, 2-3 September

6 centralised database of RPAS and their unique identifiers and well as their operators and contact information. Such a system would be a robust transparency tool that would enable citizens to immediately identify the RPAS, the operator and the avenue through which they could find out additional information. There is a significant opportunity to link accountability with regard to safety and liability and the protection of privacy, personal data and other fundamental rights. 15. Finally, as noted above, Trilateral recommends providing funding to commission a PIA framework for RPAS. Given the complexity of RPAS technologies and missions, a PIA framework would offer clear guidance about good practice in assessing the potential impacts of RPAS missions on privacy, data protection and other fundamental rights. Furthermore, such a methodology would also result in a harmonisation of practices across Europe. 6