Abstract
Risk management is a well-known method to face technological challenges through a win–win combination of protective and proactive approaches, fostering the collaboration of operators, researchers, regulators, and industries for the exploitation of new markets. In the field of autonomous and unmanned aerial systems, or UAS, a considerable amount of work has been devoted to risk analysis, the generation of ground risk maps, and ground risk assessment by estimating the fatality rate. The paper aims to expand this approach with a tool for managing data protection risks raised by drones through the design of flight maps. The tool should allow UAS operators choosing the best air corridor for their drones based on the so-called privacy by design principle pursuant to Article 25 of the EU data protection regulation, the GDPR. Among the manifold applications of this approach, the design of fly zones for drones can be tailored for public authorities in the phase of authorization of new operations, much as for national Data Protection authorities that have to control the lawfulness of personal data processing by UAS operations. The overall aim is to present the first win–win approach to data protection issues, aerospace engineering challenges, and risk management methods for the threats posed by this technology.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Article 29 Data Protection Working Party. (2015). Opinion 01/2015 on Privacy and Data Protection Issues relating to the Utilisation of Drones, WP231, Adopted on 16 June 2015.
Article 29 Data Protection Working Party. (s.d.). Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679, WP248 rev.01, as last Revised and Adopted on 4 October 2017.
Bassi, E. (2019). European Drones Regulation: Today’s legal Challenges. In 2019 International Conference on Unmanned Aircraft Systems (ICUAS). Atlanta, GA, USA.
Cavoukian, A. (2012). Privacy and drones: Unmanned aerial vehicles. Ontario, Canada: Information and Privacy Commissioner.
Cifaldi, C., Mascarello, L. N., & Quagliotti, F. (2018). Regulations: The European way. In K. P. Valavanis & G. J. Vachtsevanos (Eds.), Handbook of unmanned aerial vehicles. Berlin: Springer.
Clothier, R. A., Walker, R. A., Fulton, N., & Campbell, D. A. (2007). A casualty risk analysis for unmanned aerial system (UAS) operations over inhabited areas. In AIAC12, Twelfth Australian International Aerospace Congress, 2nd Australasian Unmanned Air Vehicles Conference (pp. 1–15).
Commission, E. (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive.
Dalamagkidis, K., Valavanis, K. P., & Piegl, L. A. (2012). On integrating unmanned aircraft systems into the national airspace system: Issues, challenges, operational restrictions, certification, and recommendations. Berlin: Springer.
ENISA. (2018). Handbook on security of personal data processing.
European Aviation Safety Agency. (2015). Concept of operations for drones, a risk based approach to regulation of unmanned aircraft.
European Aviation Safety Agency. (2018). Opinion 01/2018, Introduction of a regulatory framework for the operation of unmanned aircraft systems in the ‘open’ and ‘specific’ categories.
European Commission. (2017, June 16). Press release. Aviation: Commission is taking the European Drone Sector to new Heights. Retrieved from http://europa.eu/rapid/press-release_IP-17-1605_en.htm#_ftn2.
European Commission. (2018). Regulation (EU) 2018/1139 of the European Parliament and of the Council of 4 July 2018 on common rules in the field of civil aviation and establishing a European Union Aviation Safety Agency, and amending Regulations (EC).
European Commission. (2019a). Commission delegated Regulation (EU) 2019/945 of 12 March 2019 on unmanned aircraft systems and on third-country operators of unmanned aircraft systems.
European Commission. (2019b). Commission implementing regulation (EU) 2019/947 of 24 May 2019 on the rules and procedures for the operation of unmanned aircraft.
European Commission. (26 November 2014). Opinion of the European Data Protection Supervisor on the Communication, A new era for aviation—Opening the aviation market to the civil use of remotely piloted aircraft systems in a safe and sustainable manner.
European Commission. (November, 2014). Study on the third-party liability and insurance requirements of remotely piloted aircraft systems (RPAS). Directorate-General Enterprise and Industry.
European Parliament. (November, 2018). Artificial Intelligence and civil law: liability rules for drones, PE608.848. Policy Department for Citizen’s Rights and Constitutional Affairs, Directorate General for Internal Policy of the Union, Study for the JURI Committee.
European Union Aviation Safety Agency. (2017a). Notice of proposed amendment 2017-05 (a)—Introduction of a regulatory framework for the operation of drones.
European Union Aviation Safety Agency. (2017b). Notice of proposed amendment 2017-05 (b)—Introduction of a regulatory framework for the operation of drones.
Fankhauser, P., & Hutter, M. (2016). A universal grid map library: Implementation and use case for rough terrain navigation. In A. Koubaa (Ed.), Robot operating system (ROS)—The complete reference (Volume 1). Berlin: Springer.
Finn, R. L., & Donovan, A. (2016). Big data, drone data: Privacy and ethical impacts of the intersection between big data and civil drone deployments. In B. Custers (Ed.), The future of drone use. Opportunities and threats from ethical and legal perspectives (pp. 47–70). Berlin: Springer.
Finn, R. L., & Wright, D. (2016). Privacy, data protection and ethics for civil drone practice: A survey of industry, regulators and civil society organisations. Computer Law & Security Review,32, 577–586.
la Cour-Harbo, A. (2018a). Quantifying ground impact fatality rate for small unmanned aircraft. Journal of Intelligent & Robotic Systems,93, 1–18.
la Cour-Harbo, A. (2018b). The value of step-by-step risk assessment for unmanned aircraft. In ICUAS 2018, International Conference on Unmanned Aircraft Systems. IEEE.
Pagallo, U. (2013). On the principle of privacy by design and its limits: Technology, ethics and the rule of law. In S. Gutwirth, R. Leenes, P. de Hert, & Y. Poullet (Eds.), European data protection: In good health? (pp. 331–346). Berlin: Springer.
Pagallo, U., Casanovas, P., & Madelin, R. (2019). The middle-out approach: Assessing models of legal governance in data protection, artificial intelligence, and the web of data. The Theory and Practice of Legislation. https://doi.org/10.1080/20508840.2019.1664543.
Primatesta, S., Cuomo, L. S., Guglieri, G., & Rizzo, A. (2018a). An innovative algorithm to estimate risk optimum path for unmanned aerial vehicles in urban environments. In International Conference on Air Transport—INAIR 2018, (pp. 1–10).
Primatesta, S., Guglieri, G., & Rizzo, A. (2018b). A risk-aware path planning strategy for UAVS in urban environments. Journal of Intelligent & Robotic Systems,95, 629–643.
Primatesta, S., Rizzo, A., & la Cour-Harbo, A. (2019). Ground risk map for unmanned aircraft in urban environments. Journal of Intelligent & Robotic Systems,93, 367–384.
Quigley, M., Conley, K., Gerkey, B. P., Faust, J., Foote, T., Leibs, J., … Ng, A. Y. (2009). ROS: an open-source Robot Operating System. In ICRA Workshop on Open Source Software.
SESAR Joint Undertakings, European Union. (2016, November). European Drones Outlook Study. Unlocking the Value for Europe.
Theia Technologies. (2009). Theia Technologies. How to calculate the image resolution.
Washington, A., Clothier, R., & Silva, J. (2017). A review of unmanned aircraft system ground risk models. Progress in Aerospace Sciences. https://doi.org/10.1016/j.paerosci.2017.10.001.
Wright, D., & Finn, R. (2016). Making drones more acceptable with privacy impact assessment. In B. Custers (Ed.), The future of drone use. Opportunities and threats from ethical and legal perspectives (pp. 325–352). Berlin: Springer.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendices
Appendices
1.1 Appendix 1: On LRfo Maps
In addition to the LRdp map presented in Sect. 6, a LRfo map can be created, in order to take into account the Flight Operation Assessment (FOA) and the characteristics of the flight operation. We used the DJI Mavic Pro with a 4 k camera. The LRfo map is computed using a flight altitude of 15 m and 25 m. The resulting maps are reported in Figs. 9 and 10.
The LRfo map of the same area of Fig. 6. The map assumes the use of an UAV at the altitude of 15 m and a 4 k camera
The LRfo map of the same area of Fig. 6. The map assumes the use of an UAS at the altitude of 25 m and a 4 k camera
Flight altitude affects the Level of Risk in the LRfo map. The Level of Risk lowers because the distance between the camera, i.e. the UAV, and the data subject increases. The Level of Risk of 32 defined by the hospital of Fig. 7 decreases to 30.13 with the flight altitude of 15 m. An altitude of 25 m decreases the Level of Risk to a value of 23.05. Accordingly, we may say that the Flight Operation Assessment (FOA) reshapes the Level of Risk LRdp. FOA softens the peak value and inflates risk distribution. Figure 6 of the paper in Sect. 6 illustrated this step using a three-dimensional view of both LRdp and LRfo maps.
The LRfo map evaluates the Level of Risk of a flight operation with a specific flight altitude and payload. According to the mission type, a DPIA threshold determines the areas in which a drone flight is allowed. The case study of Sect. 6 introduced two types of mission: delivery and emergency with threshold values set at 5 and 30, respectively.
1.2 Appendix 2: On NFZ (No Fly Zones)
In addition to the LRdp and LRfo maps, our Data Protection Map Generator casts light on the areas in which flying is not permitted. In particular, Figs. 11 and 12 illustrate two No-Fly Zones (NFZ) maps. They correspond to the altitude of 15 m. Threshold values are applied to the LRfo map of Fig. 8 accordingly. A crucial difference emerges as a consequence: in the map of the delivery mission, there are several no-fly zones; in the map of the emergency delivery mission, there are rare no-fly zones.
The NFZ map considering a delivery mission and flight altitude of 15 m
The NFZ map considering an emergency delivery mission and flight altitude of 15 m
Yet, how about the same parameters of Fig. 11 under a delivery mission, but flight altitude of 25 m.? Figure 13 reports this scenario. Again, no fly zones areas decrease. By considering mission and altitude at 25 m, in the case of emergency delivery, the UAS can fly all over the map because all areas have a Level of Risk lower than the DPIA threshold.
The NFZ map considering the delivery mission and a flight altitude of 25 m
Among the manifold applications of this approach to drones and personal data protection, we mentioned in the paper that a NFZ map can also be used as a path-planning algorithm to plan a flight mission in urban areas. Figure 9 above illustrated an example of such a path in the NFZ map, so that UAS can avoid all no-fly zones and every kind of obstacle.
Rights and permissions
About this article
Cite this article
Bassi, E., Bloise, N., Dirutigliano, J. et al. The Design of GDPR-Abiding Drones Through Flight Operation Maps: A Win–Win Approach to Data Protection, Aerospace Engineering, and Risk Management. Minds & Machines 29, 579–601 (2019). https://doi.org/10.1007/s11023-019-09511-9
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11023-019-09511-9