UNICA logo

Data Privacy

Q & A s

Isn’t my National Organisation doing anything about GDPR?

At BDFA we have already worn our fingers to the bone on this subject, and made efforts to complete the Impressum, data protection declaration and procedural notes on data protection in the BDFA in time for 25 May 2018. The problem is that GDPR, like many other legal texts, is often formulated rather vaguely. Nobody at present can give legally reliable recommendations, often not even lawyers.

Our main worries are public film screenings with regard to the privacy rights of people and possibly also of premises shown. We are not at all sure if we should cancel our events as a precaution.

It would be a pity if you were to cancel such events. Unfortunately, we, just like all the lawyers, cannot guarantee that there will be no problems or even say if they are likely. The exact interpretation of the GDPR must first be clarified by the courts and this may take some time.

We should not let ourselves be driven crazy by this. Some things can't happen, for common sense reasons, despite what certain people are currently proclaiming. Cultural life would come to a standstill, if everything were to come to a halt, as feared by some pessimists.

What is the position of making films in a public space if we include people as "accessories"? Do we now need a written declaration of consent from each person?

Some EU countries have already answered this question. There are indications that there will not be much change to the rulings in place before GDPR. We also believe this to be realistic because, in future, it will not be possible to obtain written consent from everyone who appears in the background of a reportage of a procession, for example. As always, however, there is currently no guarantee that this will be the case.

May pictures of events, club celebrations or excursions be published without the consent of the people involved?

With regard to exceptions, the GDPR speaks of a "legitimate interest". This "legitimate interest" of doing something, such as publishing pictures of events for the purpose of informing the public, will in future be the focus of a great deal of attention. It will not be possible to seriously question the legitimate interest of the organiser in illustrated reporting. Anyone who goes to such an event shows their face in a public space.

Let's take two examples:

What about consent forms from the people I film?

As a filmmaker, you should have dealt with this before 25 May 2018. It is already the case that you should have your leading actors assign to you their performance rights. In future this should take the form of a contract because, for the "fulfilment of a contract", or with a "legitimate interest", you may continue to process personal data, which also includes pictures.

A simple consent could be revoked at any time.

Is my national organisation liable for my film if it is shown at one of their film festivals?

The author (film maker) alone is liable for her or his film and by signing the festival registration form affirms that she or he owns all rights to the work. This is not new and has been the case from well before the GDPR. No festival organiser in the world can assume liability.

What about the mailing list for the national newsletter?

We would like to update you on our new data protection declaration and on the procedural information on data protection. We will point out, once again, that any subscriber can unsubscribe at any time. We will probably not ask for a renewed confirmation that subscribers wish to receive the newsletter in the future. You may have noticed in recent weeks that there is no standard procedure for the newsletters of many companies. some pessimists.

Should our film club expect a warning in the event of infringements?

Whether or not it will come to a wave of warning processes, nobody can foresee at this time. In some countries, such as the UK the responsible government body has stated that any infringement will be dealt with in the first place by a warning. If a warning has been received, of course, then compliance with that instruction is mandatory. Any repeated offence would incur a very large fine.

There are political efforts to mitigate these in the event of a dispute. Lawyers who send warnings probably look at the websites primarily, otherwise it becomes difficult to determine offences of a club or association against the GDPR.

The best protection here is to show that you take the topic seriously and have adapted your website. It is also advisable to remove the Impressum, privacy statement etc. from the Google index, so that it is not so easy to find possible errors with simple Google searches. How you do this can be found in the information tool created by Jürgen Liebenstein, as can many other relevant matters.

Is it possible to protect oneself against claims for damages?

Every committee is liable for its own club. Securing against claims is certainly not easy to arrange.

The most important thing:
keep calm. Do not encourage the spread of half-knowledge. Above all, avoid panic!
And if you need creative relief from these monsters of the age of bits and bytes, just shoot a movie.

< Introduction | < Of Ogres in the age of bits and bytes | Info Tool & Events >