Wexford County Council used drones to monitor compliance with Covid-19 restrictions during the initial lockdown earlier this year due to fears of an influx of tourists from Dublin.
A report drawn up by the council into its use of drones, as required by a Data Protection Commission investigation into the matter, states that officials felt the county was “uniquely vulnerable to” a high incidence of community transmission of the virus due to it being “blessed with a wonderful coastline that attracts thousands of visitors on an annual basis”.
The report, which has been released by the council due to the DPC’s investigation having concluded, states that the council felt visitors from Dublin were of “particular” threat at the time, due to it having the highest rate of incidence per 100,000 people in the country, and Wexford having the lowest.
Last month the DPC ruled that Wexford County Council had failed to adhere to data protection law by not compiling a Data Protection Impact Assessment (DPIA) — a prerequisite before embarking upon projects where a measurable privacy impact will result — before running the drone surveillance programme, which recorded 13 hours of footage between April 10 and April 29.
However, the Commission declined to impose any fines on the council under the General Data Protection Regulation (GDPR) due to the council having promptly changed its drone policies to mandate a DPIA before any future purchase or use of drone technology.
The council said that while no DPIA had been carried out, an “informal data privacy impact assessment in consultation with relevant colleagues” had informed the decision to deploy the two drones.