Article: Data Protection Impact Assessment for Unmanned Aircraft Systems Operations in Kenya: Past, Present and Future Perspectives

Abstract

Data Protection is concerned with the processing of personal information of individuals within a regulated sphere, taking into account protected rights. It principally underscores that the operations of unmanned aircraft systems (UAS) should be in an environment that appreciates the established canons of data protection. UAS operations pose a potential threat to an individual’s privacy, the human right that anchors the protection of personal data. This article examines what the present and future hold for data protection impact assessment (DPIA) in regulation of UAS. The article discusses the impact that the history of UAS Regulation has had on the regulation on data protection challenges. It then proceeds to highlight how the data protection agenda took a significant place in the UAS regulation in other areas and in Kenya. Towards this end, an assessment of the legal development is made. Even then, it does appear that, despite this milestone in UAS technology and law, regulators still have to contend with many issues on how to approach the sacrosanct element of privacy in UAS operations. Against this backdrop, this article sees into the future and suggests how the emerging practice and policy on DPIA as a risk-based strategy can be harnessed and streamlined to minimize the exposure related to processing of personal data by the UAS operators or in the course of UAS operations. Among many others, this article finds that UAS operators, who can be categorized as either data controllers or data processors, are, therefore, required to interrogate their mandate in ensuring that they are in full compliance with the law. Data protection, UAS, DPIA, Kenya, Privacy, Law, Regulation, KCAA, Risk, DPIA, ODPC