Ministry of Interior – Violation Found (France, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The French Ministry of Interior used drones with cameras to monitor COVID-19 lockdown compliance, but the cameras could identify people, violating privacy laws. This is important because it shows that even government bodies must follow strict rules when using surveillance technology. The case highlights the need for transparency and privacy protection in public surveillance.
What happened
The Ministry of Interior used drones with cameras capable of facial identification to monitor public spaces.
Who was affected
Individuals in public spaces who were potentially identifiable through drone surveillance.
What the authority found
The French DPA found that the Ministry violated data protection laws by using drones that could identify individuals without proper safeguards.
Why this matters
This case emphasizes that government agencies must comply with privacy laws when using surveillance technology. It highlights the importance of ensuring that surveillance tools do not infringe on personal privacy rights.
GDPR Articles Cited
National Law Articles
During March 2020 , the press reported the use of drones equipped with cameras by the police forces in several places, in order to monitor compliance with COVID-19 lockdown measures. The French DPA questionned the Ministry of the Interior on the subject. In absence of reply, the DPA initated an inquiry. The Ministry was summoned to answer a questionnaire. It stated that the drones had also been used for other purposes : scouting an area before an arrest, surveillance of a drug traficking, of demonstrations and road transport. An on-site control then established that the camera used were efficient enough to allow for facial identification of individuals. In this context, the report concluded to several violations of data protection law and proposed a sanction. The Ministry's main line of defence was that, since August 2020, a face-blurring program has been implemented. As a result, data were allegedly anonimized, and data protection regulation not applicable. Is the recording of images by drones equipped with cameras a personal personal data in the sense of Article 4 GDPR ? Did the Ministry of Interior comply with the [https://www.legifrance.gouv.fr/loda/id/JORFTEXT000000886460/2021-01-19/ French Data Protection Act] implementing [https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016L0680 Directive (EU) 2016/680] ? The DPA issues a public call to order against the Ministry of the Interior, on the following grounds. On the processing of personal data The DPA reminds the broad definitions of processing and personal data laid down by Article 4(1) and (2) GDPR. The DPA then quotes [https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A62013CJ0212 ECJ, 11 December 2014, Ryneš, case C-212/13] (point 22), [https://edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-32019-processing-personal-data-through-video_en EDPB Guidelines 3/2019 on processing of personal data through video devices], a [https://www.legifrance.gouv.fr/ceta/id/CETAT
Outcome
Violation Found
The DPA found a violation but did not impose a fine.
Related Enforcement Actions (0)
No other enforcement actions found for Ministry of Interior in FR
This is the only recorded action for this entity in this jurisdiction.
Details
Decision Date
12 January 2021
Authority
Commission Nationale de l'Informatique et des Libertés
GDPRhub ID
gdprhub-3088About this data
Cite as: Cookie Fines. Ministry of Interior - France (2021). Retrieved from cookiefines.eu
Last updated: