Privacy Impact Assessment Checklist

A Professional users Privacy Impact Assessment (PIA) checklist can be undertaken for either:

  • A single drone operation that involves the processing of personal data; or
  • Multiple similar drone operations that involve the processing of personal data.

Steps and Relevent Questions


    Provide a plan and description of the processing activities, including a map of data flows – from collection to erasure.


    • What data am I collecting? Does this include personal data in the form of:
      • Still or moving image
      • ensor data
      • Other types of data
    • How am I collecting the data? (With what payloads, equipment?)
    • Where is the data being collected from?
    • If I am not intending to collect information about individuals directly, is there some chance that personal data will be collected inadvertently?
    • What is the purpose of the collection of this data?
    • Is all the data collected necessary to achieve this specified purpose? What is the minimum amount of data I need to achieve this purpose?


    • How is the data processed? What happens to the data after its collection?
    • How is the data being stored?
      • Is there automated processing of the data including sending it to a centralised system for processing?
      • Is storage secure?
      • Who has access to the data?


    • Is the data being shared?
      • If so, with who and by what means?
      • How is the data protected by those it is shared with?


    • How is the data being erased?
    • When is the data erased?
  • 2. CONSULT

    Assess whether all relevant information for the fulfilment of the previous step is readily available to you. If necessary, consult other sources. Include any information gathered during this step in the description.

    • Do I need further information to answer any of the questions above? If so:
      • What information is needed?
      • Who do I need to consult with?

    Identify any privacy and data protection risks that may arise in relation to processing activities. Use the description of your drone operations and the data flows prepared above to help guide you. Use the list here to help you identify which particular privacy and data protection rights/principles may be threatened.

    • What privacy risks arise? Think of the different aspects of an individual\'s private life which privacy protects.
      • Privacy of association
      • Privacy of location and space
      • Bodily privacy
      • Privacy of data and image
      • Privacy of behaviour and action
      • Privacy of thoughts and feelings
      • Privacy of personal communication
      • Chilling effect
      • Function creep
      • Dehumanisation of the surveilled
      • Transparency, visibility and accountability
    • What data protection risks arise?
      • Lawful processing – What legal basis do you have to collect and process the personal data? E.g. consent, contract, legitimate or vital interest?
      • Fair and transparent processing – Are people aware of what the drone is doing, who you are and what will happen to their data? Can they reach you with any questions and requests?
      • Purpose limitation – What is the purpose of the data collection and use?
      • Data minimisation – What is the minimum amount of personal data I need to collect to fulfil the purpose above?
      • Data security – what technical measures ensure that the personal data processed is secure? Are there any other measures, such as physical security of files?
      • Data retention – Will I erase the personal data as soon as possible? Data accuracy – How do I know if all personal data is accurate and up to date?
      • Rights of the data subjects – Am I ensuring the data subject can access their rights of access, erasure etc.?
  • 4. SOLVE

    Identify the steps that can be taken or are being taken to minimise any privacy or data protection risks identified in the previous step. These could be organisational, procedural or technical safeguards.

    • How is privacy by design (and privacy by default) implemented within the drone or the system I use to access and process the drone data?
      • Anonymisation
      • PseudonymisationIs data automatically deleted after a certain period of time?
      • How is the security of the data maintained? How is access to view / alter the data authorised?
    • How do I operate the drone in the best possible way?
      • What are the best latitude and area to operate my drone and minimise any impact I have on people’s privacy and personal data, while also achieving my purpose?
      • What time of the day should I carry out my activities?
    • Transparency
      • Can I effectively inform people in the area of my activities before or while they take place?
      • How can I inform individuals what personal data is being collected, what it is being used for or who it is shared with?
    • Lawful collection
      • Have individuals given their consent? Do I have an agreement with them?
      • Am I required by law to collect this data?
    • How are the rights of the data subject ensured (access, correction, erasure)
      • Do individuals know how and who to contact in order to access, correct or request their data to be deleted?
      • If not, how can I inform them and make the process as easy as possible?

    Ensure adequate records of all the steps of a PIA are created and maintained.