Show menu
Shooting People
By continuing to browse this website you are agreeing to allow us to use cookies

GDPR and filmmakers

For some reason, I'm still getting spam from film festivals. If you run a film festival, or anything connected with seminars, note that I'm NOT interested!

However, it seems that, for now at least, no voice over artists or composers have bothered me. Thank you.

Anyway, I understand that with GDPR, you can still contact businesses with speculative CVs, right? But, as an individual in a business, my email can still be protected from being put onto lists, if I understand correctly.

Where do filmmakers stand with pitching projects to studios? Or, pitching to agents? Do we have to change the way we do things? If it's done properly, I don't see any reason best practice should change. However, so many "filmmakers" spam these days, and some of these might have to adopt better practice. If you're sending the same email to multiple strangers who didn't sign up to your list, please stop.

Another area is documentary filmmaking. I noticed that a few stock footage companies now require all faces to be blurred out, unless there's a release form, even if the footage is only for "reporting style" use and not "creative" use. (Note that creative use has always been stricter, even outside the GDPR area.)

I've seen questions about this elsewhere, many people seem to say it's just the data protection act. But, in other industries people are worried that it may be too expensive to comply.

I saw one of these "local warning notices" at an event recently:

There's one that can be downloaded from the Bath university gdpr guidance page. I'm not sure the notice will hold up in court, however, as how many people read every piece of paper stuck onto a post? There are language and dyslexia issues to consider as well.

And, of course, just because someone "consents" that doesn't mean they consent to their image being distorted or any real breach of privacy. If you happen to record a private conversation, about medical details for instance, you usually have no right to publish it. Some stuff you don't have a right to keep on your system. If you find details of a crime, it should go to the police and not to youtube anyway.

Also, note that advice on the web won't necessarily protect you in court. Even some professional sounding websites, like a university or a production house or a stock footage agency, can get things wrong. (They don't all agree with each other.)

Usually, if you treat people as you would be treated, they won't sue. Mostly, I think GDPR will be used against those annoying people who, well, who probably wouldn't even bother reading this or would ignore any good advice. That said, for political documentaries, I'm sure someone with something to hide will test the limits of GDPR.

If you see any errors, please correct me.

  • Lots of questions there Vasco!

    This legislation is all about the retention, application and exploitation of data. It's not allowed without the express permission of the person, or legal entity, from whom it is gathered.

    The sending of emails in itself, even if the correspondents don't know each other, as in a 'cold call', is not affected by the legislation. One does not need to have the recipients permission to send them an email. That would be preposterous.

    There's been quite a bit of misunderstanding about GDPR. For example if ones databases have been collected previously by the willing and proactive actions of those on it, in other words by the constructive choice of those on that database, then only the clear option to unsubscribe and be deleted is required to be clearly provided on all communications together with any privacy policy asserting that the owner of the database complies with any terms and conditions regarding the use of the data that's clearly agreed within the terms and conditions provided at the time that the subject entity agreed to participate and not any other licence beyond those T & C's is presumed. A great many entities scrabbling to present 'sign back in' messages probably don't need to.

    2 years ago
  • There's another issue with GDPR
    What about all the data stored by the police and GCHQ, including the data scooped up in their large nets with small holes about people who've not committed or even formally been accused of a crime?

    The consequences that can be extrapolated from this further example of blunt instrument legislation have scarily passed over the heads of most commentators.

    2 years ago
  • I'm warming to thus theme. The GDPR clause talk about the right to retain data without the subjects permission where there are compelling reasons to do so. Abother example of blunt instrument legislation. In any event the examples of data catchment consequential to the sort of 'fishing expeditions' undertaken by any kind of law enforcement or statutory intelligence agency can never legitimise the retention of the personal data of people who are not convicted or under investigation for a specific crime.

    There's going to be some interesting test cases I imagine.

    2 years ago
  • A friend's company produces this for the event and televised event industries - .
    It brings productions into easy alignment with GDPR. I'm trying to bring it into the film arena with another line producer - it's already a good fit, though.

    Just floating it here in case anyone is interested.

    2 years ago
    • Cheers for that Paddy. I'll take a look shortly

      2 years ago