As our previous post stated, the commercial use of drones, or small unmanned aerial systems (sUAS), for urban real estate and construction has gained some traction with the passage of the New York City Council’s bill requiring the Department of Buildings (DOB) to study the feasibility of using sUAS to inspect building facades. With this new bill, as well as other metropolitan cities that will surely follow suit, one of the biggest issues on the forefront for the public at large is privacy.
Think about it: how would you feel if a drone flew over your house while you were in your private backyard, enclosed by a fence, sunbathing? Watering your garden? Playing soccer with your kids? Or sitting at your desk and a drone hovered by your window? Your answer probably rests on who was flying the drone and the reason for flying the drone. However, if you are like many others across the U.S., you would probably have some privacy concerns. As bills like the New York City Council’s pass, the public wants to know how the proliferation of such drones will affect their privacy and what the legal limits are for these drones.
The Federal Aviation Administration’s (FAA) sUAS regulations (Part 107) do not address privacy issues. Essentially, as long as the drone operator is compliant with operational restrictions and has obtained appropriate waivers and permissions as needed, there are no other federal restrictions regarding flights when it comes to preserving public privacy -even over your backyard or in front of your office window in the skyscraper in which you work.
If you look at the public perception of drones and privacy, of 1,047 participants cited in a 2019study by the College of Aviation at Embry-Riddle Aeronautical University, most people said they were not concerned about hobbyists, construction or real estate companies, but were more concerned with drones operated by the government, military or law enforcement, with unmarked drones generating the most privacy concerns.
So where do we stand on privacy and drones in the United States? Well, it’s a gray area. As noted above, the FAA’s Part 107 rule does not specifically deal with privacy issues, and the FAA does not (and has not agreed to) regulate how sUAS gather data on people or property. The FAA says that it “strongly encourages all [s]UAS pilots to check local and state laws before gathering information through remote sensing technology or photography.” Where does that leave us? Where should companies look for guidance?
In 2016, privacy groups and industry stakeholders participating in the National Telecommunications & Information Administration (NTIA) Multi-Stakeholder process released a set of best practices for commercial and private drone use. Participants included Amazon, AUVSI, Center for Democracy and Technology, Consumer Technology Association, CTIA, FPF, Intel, X (formerly Google X), New America’s Open Technology Institute, PrecisionHawk, SIIA, Small UAV Coalition, and many media organizations. Those ”best practices” included:
- Informing others of your use of drones (i.e., where reasonable, providing prior notice to individuals of the general timeframe and area where you may anticipate using a drone to collect identifiable data);
- Showing care when operating drones or collecting and storing personally identifiable data (i.e., retaining only information that you must retain and de-identifying information when possible);
- Limiting the use and sharing of identifiable data;
- Securing identifiable data; and
- Monitoring and complying with evolving federal, state and local drone laws and regulations.
This is a great place to start as it brings us back to the basics of privacy. Whether it’s the collection of information from consumers or employees or data gathered through the use of a drone, it all comes down to transparency. However, these are only best practices – not laws or regulations. So, is there any accountability? The industry, the FAA, and local and state lawmakers are working on it. Right now, we have to look to a smorgasbord of privacy and aviation laws and apply them to drone flights and data collection.
From a federal perspective, the FAA Part 107 rules do not allow for flights over people unless the pilot obtains a special waiver. In New York City for example, you’d be hard pressed to find a street that isn’t densely packed with people. Further, most of New York City is controlled Class B airspace because of its airports. Again, to fly in these areas, the pilot would need FAA authorization. This is not to say that the FAA won’t issue a waiver or provide the authorization.
But, the FAA has now proposed a rule for flights over people, Which would allow drone flights over people if the drone falls within one of three new categories, which are based on injury-risk factors. Drones in the highest-risk category would be prohibited from hovering over open-air assemblies of people unless they are in a closed or restricted-access area, such as a stadium, and have been notified authorities of the drone operation. Further, any drone that will fly over people must bear a label identifying its category, except those in the lowest-risk category (i.e., drones weighing .55 pounds or less). Manufacturers of drones weighing more than .55 pounds that want them to qualify for flights over people must certify that the drones meet specified impact-force thresholds and will not contain exposed propellers or rotating parts that will cut human skin. They also must provide pilot instructions, allow FAA inspections, have procedures to notify the FAA and the public of safety defects, and keep records related to the drones. NOTE: nowhere in this proposed rule is the issue of privacy addressed. Again, the industry and stakeholders must weigh in and create a standard if the law lags behind.
However, recently, the FAA also proposed a rule on remote identification of sUAS. The rule would facilitate the collection and storage of certain data such as identity, location, and altitude regarding an unmanned aircraft and its control station. The period for comment on the FAA’s published notice of proposed rulemaking on remote identification closed on March 2, 2020. The FAA is now targeting 2021 as the launch of its remote ID program, which would permit police officers, aviation authorities and other public officials to search for a drone by a broadcast unique identifier to find out who the operator is. Will this put the public more at ease? If a drone is hovering, with no markings, and you call your local police department, presumably they’d be able to identity the individual operator and take action. We’ll see what the future holds.
While the future of drones and privacy is unclear and still evolving, one thing is certain – to ensure that drone technology benefits society as a whole, any proposed frameworks should include an eye towards privacy.