Data Protection Academy » Data Protection News » Photography ban in schools: not a consequence of the GDPR
Ban on photography in schools not due to GDPR
With the end of the summer holidays, school starts for many children. Parents and schools alike are keen to capture this joyous occasion in photographs. In the course of the coming into force of the General Data Protection Regulation (GDPR) but especially the responsible persons from schools or kindergartens are unsettled. According to media reports, many photography bans were imposed at many school enrolments this year. Of course to the incomprehension on the part of parents or relatives of the children. These photography bans were often justified with data protection concerns. Wrongly, as we explain in more detail in the article.
General Data Protection Regulation does not prohibit photography
In principle, it is possible for the owners of the house rights of kindergartens and schools to impose a ban on photography. However, these bans are not part of the GDPR. By law, data protection law does not apply to private data processing. In the GDPR, Article 2(2)(c), the so-called "budgetary exception", states precisely:
This regulation shall not apply to the processing of personal data by natural persons for the sole purpose of carrying out activities which are strictly personal or family related.
This means that family members can, of course, take photos of their children in view of the basic data protection regulation. However, it is important to note whether the school has imposed a ban on photography for other reasons. However, these bans are not a consequence of the GDPR.
The problem is the uncontrolled transfer to third parties
The basic data protection regulation only comes into effect again when the exclusively private area is left. That is, when the pictures taken are published on the Internet, e.g. via social media channels.
In terms of data protection law, the conditions under Article 6 of the GDPR must be respected. The interests of children must, of course, be considered separately and must be given special protection.
The most common problem is uploading pictures that are actually private on social media channels like Facebook. Especially if an unlimited group of people can access the uploaded pictures. With regard to Facebook, this would be the case if pictures were uploaded to the Facebook timeline as public post without any further settings.
However, if pictures are published in groups protected by user name and password or only accessible to a selected group of people, one is still within the budget exception.
External Data Protection Officer
You are welcome to contact us as external data protection officer (DPO) order. We also offer individual consulting services as well as audits and will be happy to provide you with a non-binding offer. You can find more information about our external data protection officers on our website.
Opinions of data protection experts
Stefan Brink, state data protection officer of Baden-Württemberg says on Twitter
"No photography in schools or kindergartens? Not because of the GDPR! For private/personal purposes everyone is allowed to take photos of anyone - only when published there are limits".
Harald von Bose State Data Protection Commissioner of Saxony-Anhalt to dpa
"If the photos of your own children remain within the family circle, you can take them without hesitation. That was so and is so. This fine practice does not compromise privacy."
Summary on data protection with regard to bans on photography in schools
- The GDPR permits photography for private purposes
- The GDPR prohibits the uncontrolled publication of images, for example via social media channels
- Schools may impose bans on photography, but not on the basis of the GDPR but on the basis of the house rules
Current media reports on the subject of the ban on photography:
- COVID-19 and data protection - March 25, 2020
- Data protection in the USA - part 3 of the delegation visit - December 6, 2019
- Data protection in the USA - part 2 of the delegation visit - December 3, 2019
This might interest you too:
https://media.robin-data.io/2022/05/23150704/homeoffice.jpg
341
685
Ulrich Hottelet
https://media.robin-data.io/2022/07/05140916/Robin-Data_ComplianceOS_white_logo.png
Ulrich Hottelet2020-03-26 14:24:282022-12-06 14:33:50Data protection and data security while working from home
https://media.robin-data.io/2022/05/23150651/Zusammenarbeit-2.jpg
341
685
Ulrich Hottelet
https://media.robin-data.io/2022/07/05140916/Robin-Data_ComplianceOS_white_logo.png
Ulrich Hottelet2020-03-09 09:04:232022-08-29 13:47:07Use of social networks by public authorities
https://media.robin-data.io/2022/05/23150407/Header-Datenpanne.jpg
343
685
Caroline Schwabe
https://media.robin-data.io/2022/07/05140916/Robin-Data_ComplianceOS_white_logo.png
Caroline Schwabe2020-02-19 10:55:122022-05-24 16:23:59Data breach at Klarna: Third party data visible
